Lines Matching +full:- +full:eproto
1 // SPDX-License-Identifier: GPL-2.0-only
8 * Copyright (C) 1998-2008 Novell/SUSE
9 * Copyright 2009-2010 Canonical Ltd.
12 * policy format documentation see Documentation/admin-guide/LSM/apparmor.rst
39 if (ad->iface.ns) { in audit_cb()
41 audit_log_untrustedstring(ab, ad->iface.ns); in audit_cb()
43 if (ad->name) { in audit_cb()
45 audit_log_untrustedstring(ab, ad->name); in audit_cb()
47 if (ad->iface.pos) in audit_cb()
48 audit_log_format(ab, " offset=%ld", ad->iface.pos); in audit_cb()
52 * audit_iface - do audit message for policy unpacking/load/replace/remove
69 ad.iface.pos = e->pos - e->start; in audit_iface()
72 ad.name = new->base.hname; in audit_iface()
84 AA_BUG(!data->ns); in __aa_loaddata_update()
85 AA_BUG(!mutex_is_locked(&data->ns->lock)); in __aa_loaddata_update()
86 AA_BUG(data->revision > revision); in __aa_loaddata_update()
88 data->revision = revision; in __aa_loaddata_update()
89 if ((data->dents[AAFS_LOADDATA_REVISION])) { in __aa_loaddata_update()
92 inode = d_inode(data->dents[AAFS_LOADDATA_DIR]); in __aa_loaddata_update()
95 inode = d_inode(data->dents[AAFS_LOADDATA_REVISION]); in __aa_loaddata_update()
102 if (l->size != r->size) in aa_rawdata_eq()
104 if (l->compressed_size != r->compressed_size) in aa_rawdata_eq()
106 if (aa_g_hash_policy && memcmp(l->hash, r->hash, aa_hash_size()) != 0) in aa_rawdata_eq()
108 return memcmp(l->data, r->data, r->compressed_size ?: r->size) == 0; in aa_rawdata_eq()
118 struct aa_ns *ns = aa_get_ns(d->ns); in do_loaddata_free()
121 mutex_lock_nested(&ns->lock, ns->level); in do_loaddata_free()
123 mutex_unlock(&ns->lock); in do_loaddata_free()
127 kfree_sensitive(d->hash); in do_loaddata_free()
128 kfree_sensitive(d->name); in do_loaddata_free()
129 kvfree(d->data); in do_loaddata_free()
138 INIT_WORK(&d->work, do_loaddata_free); in aa_loaddata_kref()
139 schedule_work(&d->work); in aa_loaddata_kref()
149 return ERR_PTR(-ENOMEM); in aa_loaddata_alloc()
150 d->data = kvzalloc(size, GFP_KERNEL); in aa_loaddata_alloc()
151 if (!d->data) { in aa_loaddata_alloc()
153 return ERR_PTR(-ENOMEM); in aa_loaddata_alloc()
155 kref_init(&d->count); in aa_loaddata_alloc()
156 INIT_LIST_HEAD(&d->list); in aa_loaddata_alloc()
164 return (size <= e->end - e->pos); in aa_inbounds()
169 * aa_unpack_u16_chunk - test and do bounds checking for a u16 size based chunk
178 void *pos = e->pos; in aa_unpack_u16_chunk()
182 size = le16_to_cpu(get_unaligned((__le16 *) e->pos)); in aa_unpack_u16_chunk()
183 e->pos += sizeof(__le16); in aa_unpack_u16_chunk()
186 *chunk = e->pos; in aa_unpack_u16_chunk()
187 e->pos += size; in aa_unpack_u16_chunk()
191 e->pos = pos; in aa_unpack_u16_chunk()
201 if (*(u8 *) e->pos != code) in aa_unpack_X()
203 e->pos++; in aa_unpack_X()
209 * aa_unpack_nameX - check is the next element is of type X with a name of @name
229 void *pos = e->pos; in aa_unpack_nameX()
238 if (name && (!size || tag[size-1] != '\0' || strcmp(name, tag))) in aa_unpack_nameX()
250 e->pos = pos; in aa_unpack_nameX()
257 void *pos = e->pos; in unpack_u8()
263 *data = *((u8 *)e->pos); in unpack_u8()
264 e->pos += sizeof(u8); in unpack_u8()
269 e->pos = pos; in unpack_u8()
275 void *pos = e->pos; in aa_unpack_u32()
281 *data = le32_to_cpu(get_unaligned((__le32 *) e->pos)); in aa_unpack_u32()
282 e->pos += sizeof(u32); in aa_unpack_u32()
287 e->pos = pos; in aa_unpack_u32()
294 void *pos = e->pos; in aa_unpack_u64()
300 *data = le64_to_cpu(get_unaligned((__le64 *) e->pos)); in aa_unpack_u64()
301 e->pos += sizeof(u64); in aa_unpack_u64()
306 e->pos = pos; in aa_unpack_u64()
317 data->val = val; in aa_unpack_cap_low()
327 data->val = (u32)data->val | ((u64)val << 32); in aa_unpack_cap_high()
333 void *pos = e->pos; in aa_unpack_array()
338 *size = le16_to_cpu(get_unaligned((__le16 *) e->pos)); in aa_unpack_array()
339 e->pos += sizeof(u16); in aa_unpack_array()
344 e->pos = pos; in aa_unpack_array()
351 void *pos = e->pos; in aa_unpack_blob()
357 size = le32_to_cpu(get_unaligned((__le32 *) e->pos)); in aa_unpack_blob()
358 e->pos += sizeof(u32); in aa_unpack_blob()
360 *blob = e->pos; in aa_unpack_blob()
361 e->pos += size; in aa_unpack_blob()
367 e->pos = pos; in aa_unpack_blob()
376 void *pos = e->pos; in aa_unpack_str()
381 /* strings are null terminated, length is size - 1 */ in aa_unpack_str()
382 if (src_str[size - 1] != 0) in aa_unpack_str()
391 e->pos = pos; in aa_unpack_str()
399 void *pos = e->pos; in aa_unpack_strdup()
408 e->pos = pos; in aa_unpack_strdup()
418 * unpack_dfa - unpack a file rule dfa
437 size_t sz = blob - (char *) e->start - in unpack_dfa()
438 ((e->pos - e->start) & 7); in unpack_dfa()
439 size_t pad = ALIGN(sz, 8) - sz; in unpack_dfa()
442 dfa = aa_dfa_unpack(blob + pad, size - pad, flags); in unpack_dfa()
453 * unpack_trans_table - unpack a profile transition table
461 void *saved_pos = e->pos; in unpack_trans_table()
481 strs->table = table; in unpack_trans_table()
482 strs->size = size; in unpack_trans_table()
497 for (c = j = 0; j < size2 - 1; j++) { in unpack_trans_table()
518 /* fail - all other cases with embedded \0 */ in unpack_trans_table()
530 e->pos = saved_pos; in unpack_trans_table()
536 void *pos = e->pos; in unpack_xattrs()
544 profile->attach.xattr_count = size; in unpack_xattrs()
545 profile->attach.xattrs = kcalloc(size, sizeof(char *), GFP_KERNEL); in unpack_xattrs()
546 if (!profile->attach.xattrs) in unpack_xattrs()
549 if (!aa_unpack_strdup(e, &profile->attach.xattrs[i], NULL)) in unpack_xattrs()
561 e->pos = pos; in unpack_xattrs()
567 void *pos = e->pos; in unpack_secmark()
575 rules->secmark = kcalloc(size, sizeof(struct aa_secmark), in unpack_secmark()
577 if (!rules->secmark) in unpack_secmark()
580 rules->secmark_count = size; in unpack_secmark()
583 if (!unpack_u8(e, &rules->secmark[i].audit, NULL)) in unpack_secmark()
585 if (!unpack_u8(e, &rules->secmark[i].deny, NULL)) in unpack_secmark()
587 if (!aa_unpack_strdup(e, &rules->secmark[i].label, NULL)) in unpack_secmark()
599 if (rules->secmark) { in unpack_secmark()
601 kfree(rules->secmark[i].label); in unpack_secmark()
602 kfree(rules->secmark); in unpack_secmark()
603 rules->secmark_count = 0; in unpack_secmark()
604 rules->secmark = NULL; in unpack_secmark()
607 e->pos = pos; in unpack_secmark()
613 void *pos = e->pos; in unpack_rlimits()
622 rules->rlimits.mask = tmp; in unpack_rlimits()
632 rules->rlimits.limits[a].rlim_max = tmp2; in unpack_rlimits()
642 e->pos = pos; in unpack_rlimits()
651 return aa_unpack_u32(e, &perm->allow, NULL) && in unpack_perm()
652 aa_unpack_u32(e, &perm->allow, NULL) && in unpack_perm()
653 aa_unpack_u32(e, &perm->deny, NULL) && in unpack_perm()
654 aa_unpack_u32(e, &perm->subtree, NULL) && in unpack_perm()
655 aa_unpack_u32(e, &perm->cond, NULL) && in unpack_perm()
656 aa_unpack_u32(e, &perm->kill, NULL) && in unpack_perm()
657 aa_unpack_u32(e, &perm->complain, NULL) && in unpack_perm()
658 aa_unpack_u32(e, &perm->prompt, NULL) && in unpack_perm()
659 aa_unpack_u32(e, &perm->audit, NULL) && in unpack_perm()
660 aa_unpack_u32(e, &perm->quiet, NULL) && in unpack_perm()
661 aa_unpack_u32(e, &perm->hide, NULL) && in unpack_perm()
662 aa_unpack_u32(e, &perm->xindex, NULL) && in unpack_perm()
663 aa_unpack_u32(e, &perm->tag, NULL) && in unpack_perm()
664 aa_unpack_u32(e, &perm->label, NULL); in unpack_perm()
669 void *pos = e->pos; in unpack_perms_table()
704 e->pos = pos; in unpack_perms_table()
705 return -EPROTO; in unpack_perms_table()
713 void *pos = e->pos; in unpack_pdb()
714 int i, flags, error = -EPROTO; in unpack_pdb()
719 return -ENOMEM; in unpack_pdb()
721 size = unpack_perms_table(e, &pdb->perms); in unpack_pdb()
724 pdb->perms = NULL; in unpack_pdb()
725 *info = "failed to unpack - perms"; in unpack_pdb()
728 pdb->size = size; in unpack_pdb()
730 if (pdb->perms) { in unpack_pdb()
739 pdb->dfa = unpack_dfa(e, flags); in unpack_pdb()
740 if (IS_ERR(pdb->dfa)) { in unpack_pdb()
741 error = PTR_ERR(pdb->dfa); in unpack_pdb()
742 pdb->dfa = NULL; in unpack_pdb()
743 *info = "failed to unpack - dfa"; in unpack_pdb()
745 } else if (!pdb->dfa) { in unpack_pdb()
757 if (!aa_unpack_u32(e, &pdb->start[0], "start")) in unpack_pdb()
759 pdb->start[0] = DFA_START; in unpack_pdb()
760 if (!aa_unpack_u32(e, &pdb->start[AA_CLASS_FILE], "dfa_start")) { in unpack_pdb()
762 pdb->start[AA_CLASS_FILE] = DFA_START; in unpack_pdb()
765 pdb->start[i] = aa_dfa_next(pdb->dfa, pdb->start[0], in unpack_pdb()
775 if (!unpack_trans_table(e, &pdb->trans) && required_trans) { in unpack_pdb()
780 if (!pdb->dfa && pdb->trans.table) in unpack_pdb()
781 aa_free_str_table(&pdb->trans); in unpack_pdb()
791 e->pos = pos; in unpack_pdb()
805 const char * const *key = arg->key; in datacmp()
807 return strcmp(data->key, *key); in datacmp()
811 * unpack_profile - unpack a serialized profile
827 int error = -EPROTO; in unpack_profile()
850 error = -ENOMEM; in unpack_profile()
859 error = -ENOMEM; in unpack_profile()
862 rules = list_first_entry(&profile->rules, typeof(*rules), list); in unpack_profile()
865 (void) aa_unpack_str(e, &profile->rename, "rename"); in unpack_profile()
868 (void) aa_unpack_str(e, &profile->attach.xmatch_str, "attach"); in unpack_profile()
871 error = unpack_pdb(e, &profile->attach.xmatch, false, false, &info); in unpack_profile()
878 if (profile->attach.xmatch->dfa) { in unpack_profile()
883 profile->attach.xmatch_len = tmp; in unpack_profile()
884 profile->attach.xmatch->start[AA_CLASS_XMATCH] = DFA_START; in unpack_profile()
885 if (!profile->attach.xmatch->perms) { in unpack_profile()
886 error = aa_compat_map_xmatch(profile->attach.xmatch); in unpack_profile()
896 profile->disconnected = disconnected; in unpack_profile()
907 profile->label.flags |= FLAG_HAT; in unpack_profile()
909 profile->label.flags |= FLAG_DEBUG1; in unpack_profile()
911 profile->label.flags |= FLAG_DEBUG2; in unpack_profile()
914 if (tmp == PACKED_MODE_COMPLAIN || (e->version & FORCE_COMPLAIN_FLAG)) { in unpack_profile()
915 profile->mode = APPARMOR_COMPLAIN; in unpack_profile()
917 profile->mode = APPARMOR_ENFORCE; in unpack_profile()
919 profile->mode = APPARMOR_KILL; in unpack_profile()
921 profile->mode = APPARMOR_UNCONFINED; in unpack_profile()
922 profile->label.flags |= FLAG_UNCONFINED; in unpack_profile()
924 profile->mode = APPARMOR_USER; in unpack_profile()
931 profile->audit = AUDIT_ALL; in unpack_profile()
937 if (aa_unpack_u32(e, &profile->path_flags, "path_flags")) in unpack_profile()
938 profile->path_flags |= profile->label.flags & in unpack_profile()
942 profile->path_flags = PATH_MEDIATE_DELETED; in unpack_profile()
945 if (!aa_unpack_cap_low(e, &rules->caps.allow, NULL)) in unpack_profile()
947 if (!aa_unpack_cap_low(e, &rules->caps.audit, NULL)) in unpack_profile()
949 if (!aa_unpack_cap_low(e, &rules->caps.quiet, NULL)) in unpack_profile()
957 if (!aa_unpack_cap_high(e, &rules->caps.allow, NULL)) in unpack_profile()
959 if (!aa_unpack_cap_high(e, &rules->caps.audit, NULL)) in unpack_profile()
961 if (!aa_unpack_cap_high(e, &rules->caps.quiet, NULL)) in unpack_profile()
972 if (!aa_unpack_cap_low(e, &rules->caps.extended, NULL)) in unpack_profile()
974 if (!aa_unpack_cap_high(e, &rules->caps.extended, NULL)) in unpack_profile()
996 /* generic policy dfa - optional and may be NULL */ in unpack_profile()
998 error = unpack_pdb(e, &rules->policy, true, false, in unpack_profile()
1003 if (aa_dfa_next(rules->policy->dfa, rules->policy->start[0], in unpack_profile()
1005 rules->policy->start[AA_CLASS_FILE] = in unpack_profile()
1006 aa_dfa_next(rules->policy->dfa, in unpack_profile()
1007 rules->policy->start[0], in unpack_profile()
1011 if (!rules->policy->perms) { in unpack_profile()
1012 error = aa_compat_map_policy(rules->policy, in unpack_profile()
1013 e->version); in unpack_profile()
1020 rules->policy = aa_get_pdb(nullpdb); in unpack_profile()
1023 error = unpack_pdb(e, &rules->file, false, true, &info); in unpack_profile()
1026 } else if (rules->file->dfa) { in unpack_profile()
1027 if (!rules->file->perms) { in unpack_profile()
1028 error = aa_compat_map_file(rules->file); in unpack_profile()
1034 } else if (rules->policy->dfa && in unpack_profile()
1035 rules->policy->start[AA_CLASS_FILE]) { in unpack_profile()
1036 aa_put_pdb(rules->file); in unpack_profile()
1037 rules->file = aa_get_pdb(rules->policy); in unpack_profile()
1039 aa_put_pdb(rules->file); in unpack_profile()
1040 rules->file = aa_get_pdb(nullpdb); in unpack_profile()
1042 error = -EPROTO; in unpack_profile()
1045 profile->data = kzalloc(sizeof(*profile->data), GFP_KERNEL); in unpack_profile()
1046 if (!profile->data) { in unpack_profile()
1047 error = -ENOMEM; in unpack_profile()
1057 if (rhashtable_init(profile->data, ¶ms)) { in unpack_profile()
1066 error = -ENOMEM; in unpack_profile()
1070 data->key = key; in unpack_profile()
1071 data->size = aa_unpack_blob(e, &data->data, NULL); in unpack_profile()
1072 data->data = kvmemdup(data->data, data->size, GFP_KERNEL); in unpack_profile()
1073 if (data->size && !data->data) { in unpack_profile()
1074 kfree_sensitive(data->key); in unpack_profile()
1076 error = -ENOMEM; in unpack_profile()
1080 if (rhashtable_insert_fast(profile->data, &data->head, in unpack_profile()
1081 profile->data->p)) { in unpack_profile()
1082 kvfree_sensitive(data->data, data->size); in unpack_profile()
1083 kfree_sensitive(data->key); in unpack_profile()
1106 error = -EPROTO; in unpack_profile()
1122 * verify_header - unpack serialized stream header
1125 * @ns: Returns - namespace if one is specified else NULL (NOT NULL)
1131 int error = -EPROTONOSUPPORT; in verify_header()
1136 if (!aa_unpack_u32(e, &e->version, "version")) { in verify_header()
1148 if (VERSION_LT(e->version, v5) || VERSION_GT(e->version, v9)) { in verify_header()
1167 return -ENOMEM; in verify_header()
1175 * verify_dfa_accept_index - verify accept indexes are in range of perms table
1182 for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) { in verify_dfa_accept_index()
1192 if (perm->allow & perm->deny) in verify_perm()
1194 if (perm->subtree & ~perm->allow) in verify_perm()
1196 if (perm->cond & (perm->allow | perm->deny)) in verify_perm()
1198 if (perm->kill & perm->allow) in verify_perm()
1200 if (perm->complain & (perm->allow | perm->deny)) in verify_perm()
1202 if (perm->prompt & (perm->allow | perm->deny)) in verify_perm()
1204 if (perm->complain & perm->prompt) in verify_perm()
1206 if (perm->hide & perm->allow) in verify_perm()
1216 for (i = 0; i < pdb->size; i++) { in verify_perms()
1217 if (!verify_perm(&pdb->perms[i])) in verify_perms()
1220 if ((pdb->perms[i].xindex & AA_X_TYPE_MASK) == AA_X_TABLE && in verify_perms()
1221 (pdb->perms[i].xindex & AA_X_INDEX_MASK) >= pdb->trans.size) in verify_perms()
1223 if (pdb->perms[i].tag && pdb->perms[i].tag >= pdb->trans.size) in verify_perms()
1225 if (pdb->perms[i].label && in verify_perms()
1226 pdb->perms[i].label >= pdb->trans.size) in verify_perms()
1234 * verify_profile - Do post unpack analysis to verify profile consistency
1243 struct aa_ruleset *rules = list_first_entry(&profile->rules, in verify_profile()
1248 if (rules->file->dfa && !verify_dfa_accept_index(rules->file->dfa, in verify_profile()
1249 rules->file->size)) { in verify_profile()
1252 -EPROTO); in verify_profile()
1253 return -EPROTO; in verify_profile()
1255 if (rules->policy->dfa && in verify_profile()
1256 !verify_dfa_accept_index(rules->policy->dfa, rules->policy->size)) { in verify_profile()
1259 -EPROTO); in verify_profile()
1260 return -EPROTO; in verify_profile()
1263 if (!verify_perms(rules->file)) { in verify_profile()
1265 "Unpack: Invalid perm index", NULL, -EPROTO); in verify_profile()
1266 return -EPROTO; in verify_profile()
1268 if (!verify_perms(rules->policy)) { in verify_profile()
1270 "Unpack: Invalid perm index", NULL, -EPROTO); in verify_profile()
1271 return -EPROTO; in verify_profile()
1273 if (!verify_perms(profile->attach.xmatch)) { in verify_profile()
1275 "Unpack: Invalid perm index", NULL, -EPROTO); in verify_profile()
1276 return -EPROTO; in verify_profile()
1285 aa_put_profile(ent->rename); in aa_load_ent_free()
1286 aa_put_profile(ent->old); in aa_load_ent_free()
1287 aa_put_profile(ent->new); in aa_load_ent_free()
1288 kfree(ent->ns_name); in aa_load_ent_free()
1297 INIT_LIST_HEAD(&ent->list); in aa_load_ent_alloc()
1315 ret = -ENOMEM; in compress_zstd()
1321 ret = -ENOMEM; in compress_zstd()
1327 ret = -EINVAL; in compress_zstd()
1333 ret = -EINVAL; in compress_zstd()
1354 ret = -ENOMEM; in compress_zstd()
1376 AA_BUG(data->compressed_size > 0); in compress_loaddata()
1383 void *udata = data->data; in compress_loaddata()
1384 int error = compress_zstd(udata, data->size, &data->data, in compress_loaddata()
1385 &data->compressed_size); in compress_loaddata()
1387 data->compressed_size = data->size; in compress_loaddata()
1390 if (udata != data->data) in compress_loaddata()
1393 data->compressed_size = data->size; in compress_loaddata()
1399 * aa_unpack - unpack packed binary profile(s) data loaded from user space
1418 .start = udata->data, in aa_unpack()
1419 .end = udata->data + udata->size, in aa_unpack()
1420 .pos = udata->data, in aa_unpack()
1443 e.pos - start); in aa_unpack()
1449 error = -ENOMEM; in aa_unpack()
1453 ent->new = profile; in aa_unpack()
1454 ent->ns_name = ns_name; in aa_unpack()
1456 list_add_tail(&ent->list, lh); in aa_unpack()
1458 udata->abi = e.version & K_ABI_MASK; in aa_unpack()
1460 udata->hash = aa_calc_hash(udata->data, udata->size); in aa_unpack()
1461 if (IS_ERR(udata->hash)) { in aa_unpack()
1462 error = PTR_ERR(udata->hash); in aa_unpack()
1463 udata->hash = NULL; in aa_unpack()
1481 list_del_init(&ent->list); in aa_unpack()