root/security/apparmor/include/task.h




DEFINITIONS

This source file includes following definitions.
  1. aa_free_task_ctx
  2. aa_dup_task_ctx
  3. aa_clear_task_ctx_trans

   1 /* SPDX-License-Identifier: GPL-2.0-only */
   2 /*
   3  * AppArmor security module
   4  *
   5  * This file contains AppArmor task related definitions and mediation
   6  *
   7  * Copyright 2017 Canonical Ltd.
   8  */
   9 
  10 #ifndef __AA_TASK_H
  11 #define __AA_TASK_H
  12 
/**
 * task_ctx - locate the AppArmor context stored with a task
 * @task: task whose security blob is indexed (dereferenced unconditionally)
 *
 * Returns: the address @task->security advanced by
 * apparmor_blob_sizes.lbs_task, as a struct aa_task_ctx pointer.
 *
 * No NULL or bounds check is made here, so the result is only meaningful
 * when @task->security is a live blob with room for a struct aa_task_ctx
 * at that offset.
 * NOTE(review): presumably guaranteed by whoever allocates the blob -
 * confirm at the call sites.
 */
static inline struct aa_task_ctx *task_ctx(struct task_struct *task)
{
        return task->security + apparmor_blob_sizes.lbs_task;
}
  17 
/**
 * struct aa_task_ctx - information for current task label change
 * @nnp: snapshot of label at time of no_new_privs
 * @onexec: profile to transition to on next exec  (MAY BE NULL)
 * @previous: profile the task may return to     (MAY BE NULL)
 * @token: magic value the task must know for returning to @previous
 *
 * The three label pointers are counted references: aa_dup_task_ctx() takes
 * one on each of them when copying and aa_free_task_ctx() drops them.
 *
 * NOTE(review): @token is presumably the value handed to
 * aa_set_current_hat() and later matched against the cookie given to
 * aa_restore_previous_label() - confirm in the implementation. If so it is
 * a secret and should be kept out of logs and audit output.
 */
struct aa_task_ctx {
        struct aa_label *nnp;
        struct aa_label *onexec;
        struct aa_label *previous;
        u64 token;
};
  31 
/*
 * Task label operations. Only the declarations live in this header; the
 * return conventions are defined with the implementations.
 *
 * NOTE(review): aa_restore_previous_label() names its argument "cookie"
 * while aa_set_current_hat() and struct aa_task_ctx use "token" -
 * presumably the same value, confirm against the definitions.
 */
int aa_replace_current_label(struct aa_label *label);
int aa_set_current_onexec(struct aa_label *label, bool stack);
int aa_set_current_hat(struct aa_label *label, u64 token);
int aa_restore_previous_label(u64 cookie);
struct aa_label *aa_get_task_label(struct task_struct *task);
  37 
/**
 * aa_free_task_ctx - drop the label references held by a task_ctx
 * @ctx: task_ctx to release (MAY BE NULL)
 *
 * Puts @ctx->nnp, @ctx->previous and @ctx->onexec. The memory behind @ctx
 * is not freed here and the three pointers are left as they were, so the
 * context must not be used, or released a second time, afterwards.
 */
static inline void aa_free_task_ctx(struct aa_task_ctx *ctx)
{
        /* nothing to release for a missing context */
        if (!ctx)
                return;

        /*
         * @previous and @onexec are documented as possibly NULL and are
         * passed unguarded; presumably aa_put_label() accepts NULL - confirm.
         */
        aa_put_label(ctx->nnp);
        aa_put_label(ctx->previous);
        aa_put_label(ctx->onexec);
}
  50 
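/**
 * aa_dup_task_ctx - duplicate a task context, incrementing reference counts
 * @new: a blank task context      (NOT NULL)
 * @old: the task context to copy  (NOT NULL)
 *
 * @new is overwritten wholesale, so any labels it already referenced are
 * not released here; it really has to be blank. @old->token is copied along
 * with the label pointers.
 */
static inline void aa_dup_task_ctx(struct aa_task_ctx *new,
                                   const struct aa_task_ctx *old)
{
        /* assert the NOT NULL contract, as aa_clear_task_ctx_trans() does */
        AA_BUG(!new);
        AA_BUG(!old);

        /* plain struct copy: pointers and token, no references taken yet */
        *new = *old;

        /* one reference per copied label pointer, so both contexts own theirs */
        aa_get_label(new->nnp);
        aa_get_label(new->previous);
        aa_get_label(new->onexec);
}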
  64 
/**
 * aa_clear_task_ctx_trans - clear transition tracking info from the ctx
 * @ctx: task context to clear (NOT NULL)
 *
 * Releases the @previous and @onexec references, then resets both pointers
 * and @token. @nnp is left untouched.
 */
static inline void aa_clear_task_ctx_trans(struct aa_task_ctx *ctx)
{
        AA_BUG(!ctx);

        /* give back both transition labels before forgetting them */
        aa_put_label(ctx->previous);
        aa_put_label(ctx->onexec);

        /* no stale label pointer or token survives the reset */
        ctx->previous = ctx->onexec = NULL;
        ctx->token = 0;
}
  79 
  80 #endif /* __AA_TASK_H */
