TOMOYO: Allow domain transition without execve().

To be able to split permissions for Apache's CGI programs which are executed without execve(), add special domain transition which is performed by writing a TOMOYO's domainname to /sys/kernel/security/tomoyo/self_domain interface. This is an API for TOMOYO-aware userland applications. However, since I expect TOMOYO and other LSM modules to run in parallel, this patch does not use /proc/self/attr/ interface in order to avoid conflicts with other LSM modules when it became possible to run multiple LSM modules in parallel. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-09-10 02:25:58 -0400
committer: James Morris <jmorris@namei.org> 2011-09-13 18:27:06 -0400
commit: 731d37aa70c7b9de3be6bf2c8287366223bf5ce5 (patch)
tree: 8ac6028511485862572695eb91e2d461e0636182 /security/tomoyo/common.h
parent: 1f067a682a9bd252107ac6f6946b7332fde42344 (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 435b3d869fc5..af82683df7ff 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -227,6 +227,7 @@ enum tomoyo_acl_entry_type_index {
        TOMOYO_TYPE_INET_ACL,
        TOMOYO_TYPE_UNIX_ACL,
        TOMOYO_TYPE_ENV_ACL,
+        TOMOYO_TYPE_MANUAL_TASK_ACL,
 };
 /* Index numbers for access controls with one pathname. */
@@ -295,7 +296,6 @@ enum tomoyo_securityfs_interface_index {
        TOMOYO_EXCEPTIONPOLICY,
        TOMOYO_PROCESS_STATUS,
        TOMOYO_STAT,
-        TOMOYO_SELFDOMAIN,
        TOMOYO_AUDIT,
        TOMOYO_VERSION,
        TOMOYO_PROFILE,
@@ -480,6 +480,9 @@ struct tomoyo_request_info {
                        unsigned long flags;
                        int need_dev;
                } mount;
+                struct {
+                        const struct tomoyo_path_info *domainname;
+                } task;
        } param;
        struct tomoyo_acl_info *matched_acl;
        u8 param_type;
@@ -680,6 +683,15 @@ struct tomoyo_domain_info {
 };
 /*
+ * Structure for "task manual_domain_transition" directive.
+ */
+struct tomoyo_task_acl {
+        struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MANUAL_TASK_ACL */
+        /* Pointer to domainname. */
+        const struct tomoyo_path_info *domainname;
+};
+/*
 * Structure for "file execute", "file read", "file write", "file append",
 * "file unlink", "file getattr", "file rmdir", "file truncate",
 * "file symlink", "file chroot" and "file unmount" directive.
@@ -935,6 +947,8 @@ const char *tomoyo_get_exe(void);
 const char *tomoyo_yesno(const unsigned int value);
 const struct tomoyo_path_info *tomoyo_compare_name_union
 (const struct tomoyo_path_info *name, const struct tomoyo_name_union *ptr);
+const struct tomoyo_path_info *tomoyo_get_domainname
+(struct tomoyo_acl_param *param);
 const struct tomoyo_path_info *tomoyo_get_name(const char *name);
 const struct tomoyo_path_info *tomoyo_path_matches_group
 (const struct tomoyo_path_info *pathname, const struct tomoyo_group *group);
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2011-09-10 02:25:58 -0400
committer	James Morris <jmorris@namei.org>	2011-09-13 18:27:06 -0400
commit	731d37aa70c7b9de3be6bf2c8287366223bf5ce5 (patch)
tree	8ac6028511485862572695eb91e2d461e0636182 /security/tomoyo/common.h
parent	1f067a682a9bd252107ac6f6946b7332fde42344 (diff)