1 files changed, 114 insertions, 0 deletions
diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c
new file mode 100644
index 000000000000..9013a78a1663
--- /dev/null
+++ b/security/apparmor/ipc.c
@@ -0,0 +1,114 @@
+/*
+ * AppArmor security module
+ *
+ * This file contains AppArmor ipc mediation
+ *
+ * Copyright (C) 1998-2008 Novell/SUSE
+ * Copyright 2009-2010 Canonical Ltd.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ */
+#include <linux/gfp.h>
+#include <linux/ptrace.h>
+#include "include/audit.h"
+#include "include/capability.h"
+#include "include/context.h"
+#include "include/policy.h"
+/* call back to audit ptrace fields */
+static void audit_cb(struct audit_buffer *ab, void *va)
+{
+        struct common_audit_data *sa = va;
+        audit_log_format(ab, " target=");
+        audit_log_untrustedstring(ab, sa->aad.target);
+}
+/**
+ * aa_audit_ptrace - do auditing for ptrace
+ * @profile: profile being enforced  (NOT NULL)
+ * @target: profile being traced (NOT NULL)
+ * @error: error condition
+ *
+ * Returns: %0 or error code
+ */
+static int aa_audit_ptrace(struct aa_profile *profile,
+                           struct aa_profile *target, int error)
+{
+        struct common_audit_data sa;
+        COMMON_AUDIT_DATA_INIT(&sa, NONE);
+        sa.aad.op = OP_PTRACE;
+        sa.aad.target = target;
+        sa.aad.error = error;
+        return aa_audit(AUDIT_APPARMOR_AUTO, profile, GFP_ATOMIC, &sa,
+                        audit_cb);
+}
+/**
+ * aa_may_ptrace - test if tracer task can trace the tracee
+ * @tracer_task: task who will do the tracing  (NOT NULL)
+ * @tracer: profile of the task doing the tracing  (NOT NULL)
+ * @tracee: task to be traced
+ * @mode: whether PTRACE_MODE_READ || PTRACE_MODE_ATTACH
+ *
+ * Returns: %0 else error code if permission denied or error
+ */
+int aa_may_ptrace(struct task_struct *tracer_task, struct aa_profile *tracer,
+                  struct aa_profile *tracee, unsigned int mode)
+{
+        /* TODO: currently only based on capability, not extended ptrace
+         *       rules,
+         *       Test mode for PTRACE_MODE_READ || PTRACE_MODE_ATTACH
+         */
+        if (unconfined(tracer) || tracer == tracee)
+                return 0;
+        /* log this capability request */
+        return aa_capable(tracer_task, tracer, CAP_SYS_PTRACE, 1);
+}
+/**
+ * aa_ptrace - do ptrace permission check and auditing
+ * @tracer: task doing the tracing (NOT NULL)
+ * @tracee: task being traced (NOT NULL)
+ * @mode: ptrace mode either PTRACE_MODE_READ || PTRACE_MODE_ATTACH
+ *
+ * Returns: %0 else error code if permission denied or error
+ */
+int aa_ptrace(struct task_struct *tracer, struct task_struct *tracee,
+              unsigned int mode)
+{
+        /*
+         * tracer can ptrace tracee when
+         * - tracer is unconfined ||
+         *   - tracer is in complain mode
+         *   - tracer has rules allowing it to trace tracee currently this is:
+         *       - confined by the same profile ||
+         *       - tracer profile has CAP_SYS_PTRACE
+         */
+        struct aa_profile *tracer_p;
+        /* cred released below */
+        const struct cred *cred = get_task_cred(tracer);
+        int error = 0;
+        tracer_p = aa_cred_profile(cred);
+        if (!unconfined(tracer_p)) {
+                /* lcred released below */
+                struct cred *lcred = get_task_cred(tracee);
+                struct aa_profile *tracee_p = aa_cred_profile(lcred);
+                error = aa_may_ptrace(tracer, tracer_p, tracee_p, mode);
+                error = aa_audit_ptrace(tracer_p, tracee_p, error);
+                put_cred(lcred);
+        }
+        put_cred(cred);
+        return error;
+}

diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c new file mode 100644 index 000000000000..9013a78a1663 --- /dev/null +++ b/security/apparmor/ipc.c
@@ -0,0 +1,114 @@
	1	/*
	2	* AppArmor security module
	3	*
	4	* This file contains AppArmor ipc mediation
	5	*
	6	* Copyright (C) 1998-2008 Novell/SUSE
	7	* Copyright 2009-2010 Canonical Ltd.
	8	*
	9	* This program is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU General Public License as
	11	* published by the Free Software Foundation, version 2 of the
	12	* License.
	13	*/
	14
	15	#include <linux/gfp.h>
	16	#include <linux/ptrace.h>
	17
	18	#include "include/audit.h"
	19	#include "include/capability.h"
	20	#include "include/context.h"
	21	#include "include/policy.h"
	22
	23	/* call back to audit ptrace fields */
	24	static void audit_cb(struct audit_buffer ab, void va)
	25	{
	26	struct common_audit_data *sa = va;
	27	audit_log_format(ab, " target=");
	28	audit_log_untrustedstring(ab, sa->aad.target);
	29	}
	30
	31	/**
	32	* aa_audit_ptrace - do auditing for ptrace
	33	* @profile: profile being enforced (NOT NULL)
	34	* @target: profile being traced (NOT NULL)
	35	* @error: error condition
	36	*
	37	* Returns: %0 or error code
	38	*/
	39	static int aa_audit_ptrace(struct aa_profile *profile,
	40	struct aa_profile *target, int error)
	41	{
	42	struct common_audit_data sa;
	43	COMMON_AUDIT_DATA_INIT(&sa, NONE);
	44	sa.aad.op = OP_PTRACE;
	45	sa.aad.target = target;
	46	sa.aad.error = error;
	47
	48	return aa_audit(AUDIT_APPARMOR_AUTO, profile, GFP_ATOMIC, &sa,
	49	audit_cb);
	50	}
	51
	52	/**
	53	* aa_may_ptrace - test if tracer task can trace the tracee
	54	* @tracer_task: task who will do the tracing (NOT NULL)
	55	* @tracer: profile of the task doing the tracing (NOT NULL)
	56	* @tracee: task to be traced
	57	* @mode: whether PTRACE_MODE_READ \|\| PTRACE_MODE_ATTACH
	58	*
	59	* Returns: %0 else error code if permission denied or error
	60	*/
	61	int aa_may_ptrace(struct task_struct tracer_task, struct aa_profile tracer,
	62	struct aa_profile *tracee, unsigned int mode)
	63	{
	64	/* TODO: currently only based on capability, not extended ptrace
	65	* rules,
	66	* Test mode for PTRACE_MODE_READ \|\| PTRACE_MODE_ATTACH
	67	*/
	68
	69	if (unconfined(tracer) \|\| tracer == tracee)
	70	return 0;
	71	/* log this capability request */
	72	return aa_capable(tracer_task, tracer, CAP_SYS_PTRACE, 1);
	73	}
	74
	75	/**
	76	* aa_ptrace - do ptrace permission check and auditing
	77	* @tracer: task doing the tracing (NOT NULL)
	78	* @tracee: task being traced (NOT NULL)
	79	* @mode: ptrace mode either PTRACE_MODE_READ \|\| PTRACE_MODE_ATTACH
	80	*
	81	* Returns: %0 else error code if permission denied or error
	82	*/
	83	int aa_ptrace(struct task_struct tracer, struct task_struct tracee,
	84	unsigned int mode)
	85	{
	86	/*
	87	* tracer can ptrace tracee when
	88	* - tracer is unconfined \|\|
	89	* - tracer is in complain mode
	90	* - tracer has rules allowing it to trace tracee currently this is:
	91	* - confined by the same profile \|\|
	92	* - tracer profile has CAP_SYS_PTRACE
	93	*/
	94
	95	struct aa_profile *tracer_p;
	96	/* cred released below */
	97	const struct cred *cred = get_task_cred(tracer);
	98	int error = 0;
	99	tracer_p = aa_cred_profile(cred);
	100
	101	if (!unconfined(tracer_p)) {
	102	/* lcred released below */
	103	struct cred *lcred = get_task_cred(tracee);
	104	struct aa_profile *tracee_p = aa_cred_profile(lcred);
	105
	106	error = aa_may_ptrace(tracer, tracer_p, tracee_p, mode);
	107	error = aa_audit_ptrace(tracer_p, tracee_p, error);
	108
	109	put_cred(lcred);
	110	}
	111	put_cred(cred);
	112
	113	return error;
	114	}