apparmor: pass the subject profile into profile replace/remove

This is just setup for new ns specific .load, .replace, .remove interface files. Signed-off-by: John Johansen <john.johansen@canonical.com>
8 years ago · 12dd7171d6
parent 04dc715e24
commit 12dd7171d6
3 changed files with 21 additions and 16 deletions
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@ -133,7 +133,7 @@ static ssize_t policy_update(int binop, const char __user *buf, size_t size,
 	data = aa_simple_write_to_buffer(op, buf, size, size, pos);
 	error = PTR_ERR(data);
 	if (!IS_ERR(data)) {
-		error = aa_replace_profiles(profile->ns, binop, data);
+		error = aa_replace_profiles(profile->ns, profile, binop, data);
 		aa_put_loaddata(data);
 	}

@ -192,7 +192,8 @@ static ssize_t profile_remove(struct file *f, const char __user *buf,
 	error = PTR_ERR(data);
 	if (!IS_ERR(data)) {
 		data->data[size] = 0;
-		error = aa_remove_profiles(profile->ns, data->data, size);
+		error = aa_remove_profiles(profile->ns, profile, data->data,
+					   size);
 		aa_put_loaddata(data);
 	}
 out:
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@ -188,9 +188,10 @@ struct aa_profile *aa_fqlookupn_profile(struct aa_profile *base,
 					const char *fqname, size_t n);
 struct aa_profile *aa_match_profile(struct aa_ns *ns, const char *name);

-ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace,
-			    struct aa_loaddata *udata);
-ssize_t aa_remove_profiles(struct aa_ns *view, char *name, size_t size);
+ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile,
+			    bool noreplace, struct aa_loaddata *udata);
+ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *profile,
+			    char *name, size_t size);
 void __aa_profile_list_release(struct list_head *head);

 #define PROF_ADD 1
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@ -803,6 +803,7 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname,
 /**
 * aa_replace_profiles - replace profile(s) on the profile list
 * @view: namespace load is viewed from
+ * @label: label that is attempting to load/replace policy
 * @noreplace: true if only doing addition, no replacement allowed
 * @udata: serialized data stream  (NOT NULL)
 *
@ -812,8 +813,8 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname,
 *
 * Returns: size of data consumed else error code on failure.
 */
-ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace,
-			    struct aa_loaddata *udata)
+ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile,
+			    bool noreplace, struct aa_loaddata *udata)
 {
 	const char *ns_name, *info = NULL;
 	struct aa_ns *ns = NULL;
@ -935,7 +936,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace,
 		list_del_init(&ent->list);
 		op = (!ent->old && !ent->rename) ? OP_PROF_LOAD : OP_PROF_REPL;

-		audit_policy(__aa_current_profile(), op, GFP_ATOMIC, NULL,
+		audit_policy(profile, op, GFP_ATOMIC, NULL,
 			     ent->new->base.hname, NULL, error);

 		if (ent->old) {
@ -991,8 +992,8 @@ fail_lock:
 	/* audit cause of failure */
 	op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL;
 fail:
-	audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name,
-		     ent->new->base.hname, info, error);
+	audit_policy(profile, op, GFP_KERNEL, ns_name, ent->new->base.hname,
+		     info, error);
 	/* audit status that rest of profiles in the atomic set failed too */
 	info = "valid profile in failed atomic policy load";
 	list_for_each_entry(tmp, &lh, list) {
@ -1002,7 +1003,7 @@ fail:
 			continue;
 		}
 		op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL;
-		audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name,
+		audit_policy(profile, op, GFP_KERNEL, ns_name,
 			     tmp->new->base.hname, info, error);
 	}
 	list_for_each_entry_safe(ent, tmp, &lh, list) {
@ -1016,6 +1017,7 @@ fail:
 /**
 * aa_remove_profiles - remove profile(s) from the system
 * @view: namespace the remove is being done from
+ * @subj: profile attempting to remove policy
 * @fqname: name of the profile or namespace to remove  (NOT NULL)
 * @size: size of the name
 *
@ -1026,7 +1028,8 @@ fail:
 *
 * Returns: size of data consume else error code if fails
 */
-ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size)
+ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *subj,
+			   char *fqname, size_t size)
 {
 	struct aa_ns *root = NULL, *ns = NULL;
 	struct aa_profile *profile = NULL;
@ -1075,8 +1078,8 @@ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size)
 	}

 	/* don't fail removal if audit fails */
-	(void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL,
-			    ns_name, name, info, error);
+	(void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info,
+			    error);
 	aa_put_ns(ns);
 	aa_put_profile(profile);
 	return size;
@ -1086,7 +1089,7 @@ fail_ns_lock:
 	aa_put_ns(ns);

 fail:
-	(void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL,
-			    ns_name, name, info, error);
+	(void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info,
+			    error);
 	return error;
 }