From df8073c67fd8acb7e79f203ba4c0fa456bb82762 Mon Sep 17 00:00:00 2001 From: John Johansen <john.johansen@canonical.com> Date: Fri, 9 Jun 2017 11:36:48 -0700 Subject: apparmor: convert aa_change_XXX bool parameters to flags Instead of passing multiple booleans consolidate on a single flags field. Signed-off-by: John Johansen <john.johansen@canonical.com> --- security/apparmor/domain.c | 26 +++++++++++++------------- security/apparmor/include/domain.h | 10 +++++++--- security/apparmor/include/procattr.h | 6 +----- security/apparmor/lsm.c | 13 +++++-------- security/apparmor/procattr.c | 6 +++--- 5 files changed, 29 insertions(+), 32 deletions(-) (limited to 'security/apparmor') diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c index 0c02eac33a45..2ec4ae029215 100644 --- a/security/apparmor/domain.c +++ b/security/apparmor/domain.c @@ -563,7 +563,7 @@ static char *new_compound_name(const char *n1, const char *n2) * @hats: vector of hat names to try changing into (MAYBE NULL if @count == 0) * @count: number of hat names in @hats * @token: magic value to validate the hat change - * @permtest: true if this is just a permission test + * @flags: flags affecting behavior of the change * * Change to the first profile specified in @hats that exists, and store * the @hat_magic in the current task context. If the count == 0 and the @@ -572,7 +572,7 @@ static char *new_compound_name(const char *n1, const char *n2) * * Returns %0 on success, error otherwise. */ -int aa_change_hat(const char *hats[], int count, u64 token, bool permtest) +int aa_change_hat(const char *hats[], int count, u64 token, int flags) { const struct cred *cred; struct aa_task_ctx *ctx; @@ -616,7 +616,7 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest) /* released below */ hat = aa_find_child(root, hats[i]); if (!hat) { - if (!COMPLAIN_MODE(root) || permtest) { + if (!COMPLAIN_MODE(root) || (flags & AA_CHANGE_TEST)) { if (list_empty(&root->base.profiles)) error = -ECHILD; else @@ -663,7 +663,7 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest) goto audit; } - if (!permtest) { + if (!(flags & AA_CHANGE_TEST)) { error = aa_set_current_hat(hat, token); if (error == -EACCES) /* kill task in case of brute force attacks */ @@ -684,7 +684,7 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest) goto out; audit: - if (!permtest) + if (!(flags & AA_CHANGE_TEST)) error = aa_audit_file(profile, &perms, OP_CHANGE_HAT, AA_MAY_CHANGEHAT, NULL, target, GLOBAL_ROOT_UID, info, error); @@ -703,7 +703,7 @@ out: * aa_change_profile - perform a one-way profile transition * @fqname: name of profile may include namespace (NOT NULL) * @onexec: whether this transition is to take place immediately or at exec - * @permtest: true if this is just a permission test + * @flags: flags affecting change behavior * * Change to new profile @name. Unlike with hats, there is no way * to change back. If @name isn't specified the current profile name is @@ -713,8 +713,7 @@ out: * * Returns %0 on success, error otherwise. */ -int aa_change_profile(const char *fqname, bool onexec, - bool permtest, bool stack) +int aa_change_profile(const char *fqname, int flags) { const struct cred *cred; struct aa_profile *profile, *target = NULL; @@ -728,7 +727,7 @@ int aa_change_profile(const char *fqname, bool onexec, return -EINVAL; } - if (onexec) { + if (flags & AA_CHANGE_ONEXEC) { request = AA_MAY_ONEXEC; op = OP_CHANGE_ONEXEC; } else { @@ -755,7 +754,8 @@ int aa_change_profile(const char *fqname, bool onexec, if (!target) { info = "profile not found"; error = -ENOENT; - if (permtest || !COMPLAIN_MODE(profile)) + if ((flags & AA_CHANGE_TEST) || + !COMPLAIN_MODE(profile)) goto audit; /* released below */ target = aa_new_null_profile(profile, false, fqname, @@ -781,16 +781,16 @@ int aa_change_profile(const char *fqname, bool onexec, goto audit; } - if (permtest) + if (flags & AA_CHANGE_TEST) goto audit; - if (onexec) + if (flags & AA_CHANGE_ONEXEC) error = aa_set_current_onexec(target); else error = aa_replace_current_profile(target); audit: - if (!permtest) + if (!(flags & AA_CHANGE_TEST)) error = aa_audit_file(profile, &perms, op, request, NULL, fqname, GLOBAL_ROOT_UID, info, error); diff --git a/security/apparmor/include/domain.h b/security/apparmor/include/domain.h index 6587c4abb7e8..255aa40ec1d1 100644 --- a/security/apparmor/include/domain.h +++ b/security/apparmor/include/domain.h @@ -23,12 +23,16 @@ struct aa_domain { char **table; }; +#define AA_CHANGE_NOFLAGS 0 +#define AA_CHANGE_TEST 1 +#define AA_CHANGE_CHILD 2 +#define AA_CHANGE_ONEXEC 4 + int apparmor_bprm_set_creds(struct linux_binprm *bprm); int apparmor_bprm_secureexec(struct linux_binprm *bprm); void aa_free_domain_entries(struct aa_domain *domain); -int aa_change_hat(const char *hats[], int count, u64 token, bool permtest); -int aa_change_profile(const char *fqname, bool onexec, bool permtest, - bool stack); +int aa_change_hat(const char *hats[], int count, u64 token, int flags); +int aa_change_profile(const char *fqname, int flags); #endif /* __AA_DOMAIN_H */ diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h index 6bd5f33d9533..c0055d727868 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -15,11 +15,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -#define AA_DO_TEST 1 -#define AA_ONEXEC 1 - int aa_getprocattr(struct aa_profile *profile, char **string); -int aa_setprocattr_changehat(char *args, size_t size, int test); -int aa_setprocattr_changeprofile(char *fqname, bool onexec, int test); +int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 49b780b4c53b..e07dd5a204d7 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -554,22 +554,19 @@ static int apparmor_setprocattr(const char *name, void *value, if (strcmp(name, "current") == 0) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, - !AA_DO_TEST); + AA_CHANGE_NOFLAGS); } else if (strcmp(command, "permhat") == 0) { error = aa_setprocattr_changehat(args, arg_size, - AA_DO_TEST); + AA_CHANGE_TEST); } else if (strcmp(command, "changeprofile") == 0) { - error = aa_change_profile(args, !AA_ONEXEC, - !AA_DO_TEST, false); + error = aa_change_profile(args, AA_CHANGE_NOFLAGS); } else if (strcmp(command, "permprofile") == 0) { - error = aa_change_profile(args, !AA_ONEXEC, AA_DO_TEST, - false); + error = aa_change_profile(args, AA_CHANGE_TEST); } else goto fail; } else if (strcmp(name, "exec") == 0) { if (strcmp(command, "exec") == 0) - error = aa_change_profile(args, AA_ONEXEC, !AA_DO_TEST, - false); + error = aa_change_profile(args, AA_CHANGE_ONEXEC); else goto fail; } else diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 41b7b64a906b..2f0cb424927a 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c @@ -109,11 +109,11 @@ static char *split_token_from_name(const char *op, char *args, u64 *token) * aa_setprocattr_chagnehat - handle procattr interface to change_hat * @args: args received from writing to /proc/<pid>/attr/current (NOT NULL) * @size: size of the args - * @test: true if this is a test of change_hat permissions + * @flags: set of flags governing behavior * * Returns: %0 or error code if change_hat fails */ -int aa_setprocattr_changehat(char *args, size_t size, int test) +int aa_setprocattr_changehat(char *args, size_t size, int flags) { char *hat; u64 token; @@ -148,5 +148,5 @@ int aa_setprocattr_changehat(char *args, size_t size, int test) AA_DEBUG("%s: (pid %d) Magic 0x%llx count %d Hat '%s'\n", __func__, current->pid, token, count, "<NULL>"); - return aa_change_hat(hats, count, token, test); + return aa_change_hat(hats, count, token, flags); } -- cgit v1.2.3-58-ga151