Re: [RFC][PATCH 6/11] security: AppArmor - Userspace interface

From: Pavel Machek
Date: Fri Apr 21 2006 - 14:42:15 EST

Next message: Steven Rostedt: "Re: Linux 2.6.17-rc2"
Previous message: Nick Piggin: "Re: [PATCH] Shrink rbtree"
In reply to: Tony Jones: "Re: [RFC][PATCH 6/11] security: AppArmor - Userspace interface"
Next in thread: Arjan van de Ven: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> > > +/**
> > > + * aa_activate_profile - unpack a serialized profile
> > > + * @e: serialized data extent information
> > > + * @error: error code returned if unpacking fails
> > > + */
> > > +static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error)
> > > +{
> > > + struct aaprofile *profile = NULL;
> > > + const char *rulename = "";
> > > + const char *error_string = "Invalid Profile";
> > > +
> > > + *error = -EPROTO;
> > > +
> > > + profile = alloc_aaprofile();
> > > + if (!profile) {
> > > + error_string = "Could not allocate profile";
> > > + *error = -ENOMEM;
> > > + goto fail;
> > > + }
> > > +
> > > + /* check that we have the right struct being passed */
> > > + AA_READ_X(e, AA_STRUCT, NULL, "profile");
> > > + AA_READ_X(e, AA_DYN_STRING, &profile->name, NULL);
> > > +
> > > + error_string = "Invalid flags";
> > > + /* per profile debug flags (debug, complain, audit) */
> > > + AA_READ_X(e, AA_STRUCT, NULL, "flags");
> > > + AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug");
> > > + AA_READ_X(e, AA_U32, &(profile->flags.complain),
> > > + "profile.flags.complain");
> > > + AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit");
> > > + AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> > > +
> > > + error_string = "Invalid capabilities";
> > > + AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities");
> > > +
> > > + /* get the file entries. */
> > > + AA_ENTRY_LIST("pgent"); /* pcre rules */
> > > + AA_ENTRY_LIST("sgent"); /* simple globs */
> > > + AA_ENTRY_LIST("fent"); /* regular file entries */
> > > +
> > > + /* get the net entries */
> > > + if (aa_is_nameX(e, AA_LIST, NULL, "net")) {
> > > + error_string = "Invalid net entry";
> > > + while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> > > + if (!aa_activate_net_entry(e))
> > > + goto fail;
> > > + }
> > > + }
> > > + rulename = "";
> > > +
> > > + /* get subprofiles */
> > > + if (aa_is_nameX(e, AA_LIST, NULL, "hats")) {
> > > + error_string = "Invalid profile hat";
> > > + while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> > > + struct aaprofile *subprofile;
> > > + subprofile = aa_activate_profile(e, error);
> > > + if (!subprofile)
> > > + goto fail;
> > > + subprofile->parent = profile;
> > > + list_add(&subprofile->list, &profile->sub);
> > > + }
> > > + }
> > > +
> > > + error_string = "Invalid end of profile";
> > > + AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> > > +
> > > + return profile;
> >
> > Is this kind of transltion neccessary?
>
> Don't understand. Please expand/clarify. The code serializes the profile data
> from userspace.

Yes, and it looks quite complex; would it be possible to get rid of
this serializing code? Could some existing infrastructure be used? One
file per value? Just pass the structure and make sure userspace is
matched to kernel? Something else?

Pavel
--
Thanks for all the (sleeping) penguins.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Steven Rostedt: "Re: Linux 2.6.17-rc2"
Previous message: Nick Piggin: "Re: [PATCH] Shrink rbtree"
In reply to: Tony Jones: "Re: [RFC][PATCH 6/11] security: AppArmor - Userspace interface"
Next in thread: Arjan van de Ven: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]