1 /* 2 * AppArmor security module 3 * 4 * This file contains AppArmor resource mediation and attachment 5 * 6 * Copyright (C) 1998-2008 Novell/SUSE 7 * Copyright 2009-2010 Canonical Ltd. 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License as 11 * published by the Free Software Foundation, version 2 of the 12 * License. 13 */ 14 15 #include <linux/audit.h> 16 17 #include "include/audit.h" 18 #include "include/resource.h" 19 #include "include/policy.h" 20 21 /* 22 * Table of rlimit names: we generate it from resource.h. 23 */ 24 #include "rlim_names.h" 25 26 /* audit callback for resource specific fields */ 27 static void audit_cb(struct audit_buffer *ab, void *va) 28 { 29 struct common_audit_data *sa = va; 30 31 audit_log_format(ab, " rlimit=%s value=%lu", 32 rlim_names[sa->aad.rlim.rlim], sa->aad.rlim.max); 33 } 34 35 /** 36 * audit_resource - audit setting resource limit 37 * @profile: profile being enforced (NOT NULL) 38 * @resoure: rlimit being auditing 39 * @value: value being set 40 * @error: error value 41 * 42 * Returns: 0 or sa->error else other error code on failure 43 */ 44 static int audit_resource(struct aa_profile *profile, unsigned int resource, 45 unsigned long value, int error) 46 { 47 struct common_audit_data sa; 48 49 COMMON_AUDIT_DATA_INIT(&sa, NONE); 50 sa.aad.op = OP_SETRLIMIT, 51 sa.aad.rlim.rlim = resource; 52 sa.aad.rlim.max = value; 53 sa.aad.error = error; 54 return aa_audit(AUDIT_APPARMOR_AUTO, profile, GFP_KERNEL, &sa, 55 audit_cb); 56 } 57 58 /** 59 * aa_map_resouce - map compiled policy resource to internal # 60 * @resource: flattened policy resource number 61 * 62 * Returns: resource # for the current architecture. 63 * 64 * rlimit resource can vary based on architecture, map the compiled policy 65 * resource # to the internal representation for the architecture. 66 */ 67 int aa_map_resource(int resource) 68 { 69 return rlim_map[resource]; 70 } 71 72 /** 73 * aa_task_setrlimit - test permission to set an rlimit 74 * @profile - profile confining the task (NOT NULL) 75 * @resource - the resource being set 76 * @new_rlim - the new resource limit (NOT NULL) 77 * 78 * Control raising the processes hard limit. 79 * 80 * Returns: 0 or error code if setting resource failed 81 */ 82 int aa_task_setrlimit(struct aa_profile *profile, unsigned int resource, 83 struct rlimit *new_rlim) 84 { 85 int error = 0; 86 87 if (profile->rlimits.mask & (1 << resource) && 88 new_rlim->rlim_max > profile->rlimits.limits[resource].rlim_max) 89 90 error = audit_resource(profile, resource, new_rlim->rlim_max, 91 -EACCES); 92 93 return error; 94 } 95 96 /** 97 * __aa_transition_rlimits - apply new profile rlimits 98 * @old: old profile on task (NOT NULL) 99 * @new: new profile with rlimits to apply (NOT NULL) 100 */ 101 void __aa_transition_rlimits(struct aa_profile *old, struct aa_profile *new) 102 { 103 unsigned int mask = 0; 104 struct rlimit *rlim, *initrlim; 105 int i; 106 107 /* for any rlimits the profile controlled reset the soft limit 108 * to the less of the tasks hard limit and the init tasks soft limit 109 */ 110 if (old->rlimits.mask) { 111 for (i = 0, mask = 1; i < RLIM_NLIMITS; i++, mask <<= 1) { 112 if (old->rlimits.mask & mask) { 113 rlim = current->signal->rlim + i; 114 initrlim = init_task.signal->rlim + i; 115 rlim->rlim_cur = min(rlim->rlim_max, 116 initrlim->rlim_cur); 117 } 118 } 119 } 120 121 /* set any new hard limits as dictated by the new profile */ 122 if (!new->rlimits.mask) 123 return; 124 for (i = 0, mask = 1; i < RLIM_NLIMITS; i++, mask <<= 1) { 125 if (!(new->rlimits.mask & mask)) 126 continue; 127 128 rlim = current->signal->rlim + i; 129 rlim->rlim_max = min(rlim->rlim_max, 130 new->rlimits.limits[i].rlim_max); 131 /* soft limit should not exceed hard limit */ 132 rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max); 133 } 134 } 135