slightly revised version of the patch. It just comments out the first query and adds a comment around what is going on.
--- commit 4321e8ffc9c63bbb1483e5aca32d865adab06623 Author: John Johansen <[email protected]> Date: Tue Jun 2 03:24:38 2015 -0700 add query helper for link permissions Signed-off-by: John Johansen <[email protected]> diff --git a/libraries/libapparmor/doc/aa_query_label.pod b/libraries/libapparmor/doc/aa_query_label.pod index 613e9d0..3e943a7 100644 --- a/libraries/libapparmor/doc/aa_query_label.pod +++ b/libraries/libapparmor/doc/aa_query_label.pod @@ -38,6 +38,14 @@ B<int aa_query_file_path_len((uint32_t mask, const char *label, size_t label_len, const char *path, size_t path_len, int *allowed, int *audited);> +B<int aa_query_link_path_len(const char *label, size_t label_len, + const char *target, size_t target_len, + const char *link, size_t link_len, + int *allowed, int *audited);> + +B<int aa_query_link_path(const char *label, const char *target, + const char *link, int *allowed, int *audited);> + Link with B<-lapparmor> when compiling. @@ -68,6 +76,12 @@ The I<path> is any valid filesystem path to query permissions for. For the B<aa_query_file_path_len> variant the I<path_len> parameter specifies the number of bytes in the I<path> to use as part of the query. +The B<aa_query_link_path> and B<aa_query_link_path_len> functions are helper +functions that assemble a properly formatted link path query for the +B<aa_query_label> function. The I<link_len> and I<target_len> parameters +specify the number of bytes in the I<link> and I<target> to use as part of +the query. + =head1 RETURN VALUE On success 0 is returned, and the I<allowed> and I<audited> parameters diff --git a/libraries/libapparmor/include/sys/apparmor.h b/libraries/libapparmor/include/sys/apparmor.h index 43f9549..5a920ad 100644 --- a/libraries/libapparmor/include/sys/apparmor.h +++ b/libraries/libapparmor/include/sys/apparmor.h @@ -106,6 +106,12 @@ extern int aa_query_file_path_len(uint32_t mask, const char *label, size_t path_len, int *allowed, int *audited); extern int aa_query_file_path(uint32_t mask, const char *label, const char *path, int *allowed, int *audited); +extern int aa_query_link_path_len(const char *label, size_t label_len, + const char *target, size_t target_len, + const char *link, size_t link_len, + int *allowed, int *audited); +extern int aa_query_link_path(const char *label, const char *target, + const char *link, int *allowed, int *audited); #define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y) #define __macroarg_count1(Y...) __macroarg_count2 (Y, 16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0) diff --git a/libraries/libapparmor/src/kernel.c b/libraries/libapparmor/src/kernel.c index 50bc062..a3f8efa 100644 --- a/libraries/libapparmor/src/kernel.c +++ b/libraries/libapparmor/src/kernel.c @@ -905,3 +905,78 @@ int aa_query_file_path(uint32_t mask, const char *label, const char *path, return aa_query_file_path_len(mask, label, strlen(label), path, strlen(path), allowed, audited); } + +/** + * aa_query_link_path_len - query access permissions for a hard link @link + * @label: apparmor label + * @label_len: length of @label (does not include any terminating nul byte) + * @target: file path that hard link will point to + * @target_len: length of @target (does not include any terminating nul byte) + * @link: file path of hard link + * @link_len: length of @link (does not include any terminating nul byte) + * @allowed: upon successful return, will be 1 if query is allowed and 0 if not + * @audited: upon successful return, will be 1 if query should be audited and 0 + * if not + * + * Returns: 0 on success else -1 and sets errno. If -1 is returned and errno is + * ENOENT, the subject label in the query string is unknown to the + * kernel. + */ +int aa_query_link_path_len(const char *label, size_t label_len, + const char *target, size_t target_len, + const char *link, size_t link_len, + int *allowed, int *audited) +{ + autofree char *query = NULL; + int rc; + + /* + 1 for null separators */ + size_t size = AA_QUERY_CMD_LABEL_SIZE + label_len + 1 + target_len + + 1 + link_len; + size_t pos = AA_QUERY_CMD_LABEL_SIZE; + + query = malloc(size); + if (!query) + return -1; + memcpy(query + pos, label, label_len); + /* null separator */ + pos += label_len; + query[pos] = 0; + query[++pos] = AA_CLASS_FILE; + memcpy(query + pos + 1, link, link_len); + /* The kernel does the query in two parts we could similate this + * doing the following, however as long as policy is compiled + * correctly this isn't requied, and it requires and extra round + * trip to the kernel and adds a race on policy replacement between + * the two queries. + * + rc = aa_query_label(AA_MAY_LINK, query, size, allowed, audited); + if (rc || !*allowed) + return rc; + */ + pos += 1 + link_len; + query[pos] = 0; + memcpy(query + pos + 1, target, target_len); + return aa_query_label(AA_MAY_LINK, query, size, allowed, audited); +} + +/** + * aa_query_link_path - query access permissions for a hard link @link + * @label: apparmor label + * @target: file path that hard link will point to + * @link: file path of hard link + * @allowed: upon successful return, will be 1 if query is allowed and 0 if not + * @audited: upon successful return, will be 1 if query should be audited and 0 + * if not + * + * Returns: 0 on success else -1 and sets errno. If -1 is returned and errno is + * ENOENT, the subject label in the query string is unknown to the + * kernel. + */ +int aa_query_link_path(const char *label, const char *target, const char *link, + int *allowed, int *audited) +{ + return aa_query_link_path_len(label, strlen(label), target, + strlen(target), link, strlen(link), + allowed, audited); +} diff --git a/libraries/libapparmor/src/libapparmor.map b/libraries/libapparmor/src/libapparmor.map index 8a3c60b..d93acf6 100644 --- a/libraries/libapparmor/src/libapparmor.map +++ b/libraries/libapparmor/src/libapparmor.map @@ -56,6 +56,8 @@ APPARMOR_2.10 { global: aa_query_file_path; aa_query_file_path_len; + aa_query_link_path; + aa_query_link_path_len; aa_features_new; aa_features_new_from_string; aa_features_new_from_kernel; diff --git a/libraries/libapparmor/swig/SWIG/libapparmor.i b/libraries/libapparmor/swig/SWIG/libapparmor.i index c98cca8..98f984f 100644 --- a/libraries/libapparmor/swig/SWIG/libapparmor.i +++ b/libraries/libapparmor/swig/SWIG/libapparmor.i @@ -44,5 +44,11 @@ extern int aa_query_file_path_len(uint32_t mask, const char *label, size_t path_len, int *allowed, int *audited); extern int aa_query_file_path(uint32_t mask, const char *label, const char *path, int *allowed, int *audited); +extern int aa_query_link_path_len(const char *label, size_t label_len, + const char *target, size_t target_len, + const char *link, size_t link_len, + int *allowed, int *audited); +extern int aa_query_link_path(const char *label, const char *target, + const char *link, int *allowed, int *audited); %exception; -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
