2006-04-11 21:52:54 +00:00
|
|
|
/*
|
2007-04-11 08:12:51 +00:00
|
|
|
* Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
|
|
|
|
|
* NOVELL (All rights reserved)
|
2006-04-11 21:52:54 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of version 2 of the GNU General Public
|
|
|
|
|
* License published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, contact Novell, Inc.
|
|
|
|
|
*/
|
|
|
|
|
|
2007-06-26 21:09:46 +00:00
|
|
|
#include <assert.h>
|
2006-04-11 21:52:54 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <libintl.h>
|
|
|
|
|
#define _(s) gettext(s)
|
|
|
|
|
|
|
|
|
|
#include "parser.h"
|
2007-02-27 02:29:16 +00:00
|
|
|
#include "libapparmor_re/apparmor_re.h"
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <linux/unistd.h>
|
|
|
|
|
|
|
|
|
|
/* only for x86 at the moment */
|
|
|
|
|
#include <endian.h>
|
|
|
|
|
#include <byteswap.h>
|
|
|
|
|
#include <libintl.h>
|
|
|
|
|
#define _(s) gettext(s)
|
|
|
|
|
|
|
|
|
|
#define u8 unsigned char
|
2008-04-06 18:55:46 +00:00
|
|
|
#define u16 uint16_t
|
|
|
|
|
#define u32 uint32_t
|
|
|
|
|
#define u64 uint64_t
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
#define BUFFERINC 65536
|
|
|
|
|
//#define BUFFERINC 16
|
|
|
|
|
|
|
|
|
|
#if __BYTE_ORDER == __BIG_ENDIAN
|
|
|
|
|
# define cpu_to_le16(x) ((u16)(bswap_16 ((u16) x)))
|
|
|
|
|
# define cpu_to_le32(x) ((u32)(bswap_32 ((u32) x)))
|
2008-04-06 18:55:46 +00:00
|
|
|
# define cpu_to_le64(x) ((u64)(bswap_64 ((u64) x)))
|
2006-04-11 21:52:54 +00:00
|
|
|
#else
|
|
|
|
|
# define cpu_to_le16(x) ((u16)(x))
|
|
|
|
|
# define cpu_to_le32(x) ((u32)(x))
|
2008-04-06 18:55:46 +00:00
|
|
|
# define cpu_to_le64(x) ((u64)(x))
|
2006-04-11 21:52:54 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#define SD_CODE_SIZE (sizeof(u8))
|
|
|
|
|
#define SD_STR_LEN (sizeof(u16))
|
|
|
|
|
|
2006-08-04 21:30:34 +00:00
|
|
|
#define SUBDOMAIN_INTERFACE_VERSION 2
|
2008-04-08 20:30:06 +00:00
|
|
|
#define SUBDOMAIN_INTERFACE_DFA_VERSION 5
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
int sd_serialize_codomain(int option, struct codomain *cod);
|
|
|
|
|
|
|
|
|
|
static void print_error(int error)
|
|
|
|
|
{
|
|
|
|
|
switch (error) {
|
|
|
|
|
case -ESPIPE:
|
|
|
|
|
PERROR(_("Bad write position\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -EPERM:
|
|
|
|
|
PERROR(_("Permission denied\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -ENOMEM:
|
|
|
|
|
PERROR(_("Out of memory\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -EFAULT:
|
|
|
|
|
PERROR(_("Couldn't copy profile Bad memory address\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -EPROTO:
|
|
|
|
|
PERROR(_("Profile doesn't conform to protocol\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -EBADMSG:
|
|
|
|
|
PERROR(_("Profile does not match signature\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -EPROTONOSUPPORT:
|
2006-08-04 17:22:19 +00:00
|
|
|
PERROR(_("Profile version not supported by Apparmor module\n"));
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
case -EEXIST:
|
|
|
|
|
PERROR(_("Profile already exists\n"));
|
|
|
|
|
break;
|
|
|
|
|
case -ENOENT:
|
|
|
|
|
PERROR(_("Profile doesn't exist\n"));
|
|
|
|
|
break;
|
2009-03-13 03:44:26 +00:00
|
|
|
case -EACCES:
|
|
|
|
|
PERROR(_("Permission denied; attempted to load a profile while confined?\n"));
|
|
|
|
|
break;
|
2006-04-11 21:52:54 +00:00
|
|
|
default:
|
2009-03-13 03:44:26 +00:00
|
|
|
PERROR(_("Unknown error (%d): %s\n"), -error, strerror(-error));
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int load_codomain(int option, struct codomain *cod)
|
|
|
|
|
{
|
|
|
|
|
int retval = 0;
|
|
|
|
|
int error = 0;
|
|
|
|
|
|
|
|
|
|
PDEBUG("Serializing policy for %s.\n", cod->name);
|
|
|
|
|
retval = sd_serialize_codomain(option, cod);
|
|
|
|
|
|
|
|
|
|
if (retval < 0) {
|
|
|
|
|
error = retval; /* yeah, we'll just report the last error */
|
|
|
|
|
switch (option) {
|
|
|
|
|
case OPTION_ADD:
|
|
|
|
|
PERROR(_("%s: Unable to add \"%s\". "),
|
|
|
|
|
progname, cod->name);
|
|
|
|
|
print_error(error);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_REPLACE:
|
|
|
|
|
PERROR(_("%s: Unable to replace \"%s\". "),
|
|
|
|
|
progname, cod->name);
|
|
|
|
|
print_error(error);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_REMOVE:
|
|
|
|
|
PERROR(_("%s: Unable to remove \"%s\". "),
|
|
|
|
|
progname, cod->name);
|
|
|
|
|
print_error(error);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_STDOUT:
|
|
|
|
|
PERROR(_("%s: Unable to write to stdout\n"),
|
|
|
|
|
progname);
|
|
|
|
|
break;
|
2010-06-26 13:13:52 -07:00
|
|
|
case OPTION_OFILE:
|
|
|
|
|
PERROR(_("%s: Unable to write to output file\n"),
|
|
|
|
|
progname);
|
2006-04-11 21:52:54 +00:00
|
|
|
default:
|
|
|
|
|
PERROR(_("%s: ASSERT: Invalid option: %d\n"),
|
|
|
|
|
progname, option);
|
|
|
|
|
exit(1);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-11 10:56:04 -08:00
|
|
|
} else if (conf_verbose) {
|
2006-04-11 21:52:54 +00:00
|
|
|
switch (option) {
|
|
|
|
|
case OPTION_ADD:
|
|
|
|
|
printf(_("Addition succeeded for \"%s\".\n"),
|
|
|
|
|
cod->name);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_REPLACE:
|
|
|
|
|
printf(_("Replacement succeeded for \"%s\".\n"),
|
|
|
|
|
cod->name);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_REMOVE:
|
|
|
|
|
printf(_("Removal succeeded for \"%s\".\n"),
|
|
|
|
|
cod->name);
|
|
|
|
|
break;
|
|
|
|
|
case OPTION_STDOUT:
|
2010-06-26 13:13:52 -07:00
|
|
|
case OPTION_OFILE:
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
PERROR(_("%s: ASSERT: Invalid option: %d\n"),
|
|
|
|
|
progname, option);
|
|
|
|
|
exit(1);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
enum sd_code {
|
|
|
|
|
SD_U8,
|
|
|
|
|
SD_U16,
|
|
|
|
|
SD_U32,
|
|
|
|
|
SD_U64,
|
|
|
|
|
SD_NAME, /* same as string except it is items name */
|
|
|
|
|
SD_STRING,
|
|
|
|
|
SD_BLOB,
|
|
|
|
|
SD_STRUCT,
|
|
|
|
|
SD_STRUCTEND,
|
|
|
|
|
SD_LIST,
|
|
|
|
|
SD_LISTEND,
|
2007-07-27 20:29:47 +00:00
|
|
|
SD_ARRAY,
|
|
|
|
|
SD_ARRAYEND,
|
2006-04-11 21:52:54 +00:00
|
|
|
SD_OFFSET
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const char *sd_code_names[] = {
|
|
|
|
|
"SD_U8",
|
|
|
|
|
"SD_U16",
|
|
|
|
|
"SD_U32",
|
|
|
|
|
"SD_U64",
|
|
|
|
|
"SD_NAME",
|
|
|
|
|
"SD_STRING",
|
|
|
|
|
"SD_BLOB",
|
|
|
|
|
"SD_STRUCT",
|
|
|
|
|
"SD_STRUCTEND",
|
|
|
|
|
"SD_LIST",
|
|
|
|
|
"SD_LISTEND",
|
2008-04-06 18:55:46 +00:00
|
|
|
"SD_ARRAY",
|
|
|
|
|
"SD_ARRAYEND",
|
2006-04-11 21:52:54 +00:00
|
|
|
"SD_OFFSET"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* Currently we will just use a contiguous block of memory
|
|
|
|
|
be we are going to just hide this for the moment. */
|
|
|
|
|
struct __sdserialize {
|
|
|
|
|
void *buffer;
|
|
|
|
|
void *pos;
|
|
|
|
|
void *extent;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
sd_serialize *alloc_sd_serial(void)
|
|
|
|
|
{
|
Add Audit control to AppArmor through, the use of audit and deny
key words. Deny is also used to subtract permissions from the
profiles permission set.
the audit key word can be prepended to any file, network, or capability
rule, to force a selective audit when that rule is matched. Audit
permissions accumulate just like standard permissions.
eg.
audit /bin/foo rw,
will force an audit message when the file /bin/foo is opened for
read or write.
audit /etc/shadow w,
/etc/shadow r,
will force an audit message when /etc/shadow is opened for writing.
The audit message is per permission bit so only opening the file
for read access will not, force an audit message.
audit can also be used in block form instead of prepending audit
to every rule.
audit {
/bin/foo rw,
/etc/shadow w,
}
/etc/shadow r, # don't audit r access to /etc/shadow
the deny key word can be prepended to file, network and capability
rules, to result in a denial of permissions when matching that rule.
The deny rule specifically does 3 things
- it gives AppArmor the ability to remember what has been denied
so that the tools don't prompt for what has been denied in
previous profiling sessions.
- it subtracts globally from the allowed permissions. Deny permissions
accumulate in the the deny set just as allow permissions accumulate
then, the deny set is subtracted from the allow set.
- it quiets known rejects. The default audit behavior of deny rules
is to quiet known rejects so that audit logs are not flooded
with already known rejects. To have known rejects logged prepend
the audit keyword to the deny rule. Deny rules do not have a
block form.
eg.
deny /foo/bar rw,
audit deny /etc/shadow w,
audit {
deny owner /blah w,
deny other /foo w,
deny /etc/shadow w,
}
2008-03-13 17:39:03 +00:00
|
|
|
sd_serialize *p = calloc(1, sizeof(sd_serialize));
|
2006-04-11 21:52:54 +00:00
|
|
|
if (!p)
|
|
|
|
|
return NULL;
|
|
|
|
|
p->buffer = malloc(BUFFERINC);
|
|
|
|
|
if (!p->buffer) {
|
|
|
|
|
free(p);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
p->pos = p->buffer;
|
|
|
|
|
p->extent = p->buffer + BUFFERINC;
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void free_sd_serial(sd_serialize *p)
|
|
|
|
|
{
|
|
|
|
|
if (p) {
|
|
|
|
|
if (p->buffer)
|
|
|
|
|
free(p->buffer);
|
|
|
|
|
free(p);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*check if something of size length is in sd_serial bounds */
|
|
|
|
|
static inline int sd_inbounds(sd_serialize *p, int size)
|
|
|
|
|
{
|
|
|
|
|
return (p->pos + size <= p->extent);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void sd_inc(sd_serialize *p, int size)
|
|
|
|
|
{
|
|
|
|
|
if (sd_inbounds(p, size)) {
|
|
|
|
|
p->pos += size;
|
|
|
|
|
} else {
|
|
|
|
|
PERROR(_("PANIC bad increment buffer %p pos %p ext %p size %d res %p\n"),
|
|
|
|
|
p->buffer, p->pos, p->extent, size, p->pos + size);
|
|
|
|
|
exit(-1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline long sd_serial_size(sd_serialize *p)
|
|
|
|
|
{
|
|
|
|
|
return (p->pos - p->buffer);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* routines for writing data to the serialization buffer */
|
|
|
|
|
inline int sd_prepare_write(sd_serialize *p, enum sd_code code, size_t size)
|
|
|
|
|
{
|
|
|
|
|
int num = (size / BUFFERINC) + 1;
|
|
|
|
|
if (p->pos + SD_CODE_SIZE + size > p->extent) {
|
|
|
|
|
long pos;
|
|
|
|
|
/* try and reallocate the buffer */
|
|
|
|
|
void *buffer = malloc(p->extent - p->buffer + (BUFFERINC * num));
|
|
|
|
|
memcpy(buffer, p->buffer, p->extent - p->buffer);
|
|
|
|
|
|
|
|
|
|
pos = p->pos - p->buffer;
|
|
|
|
|
if (buffer == NULL || errno == ENOMEM)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
p->extent = buffer + (p->extent - p->buffer) + (BUFFERINC * num);
|
|
|
|
|
free(p->buffer);
|
|
|
|
|
p->buffer = buffer;
|
|
|
|
|
p->pos = buffer + pos;
|
|
|
|
|
}
|
|
|
|
|
*(u8 *) (p->pos) = code;
|
|
|
|
|
sd_inc(p, SD_CODE_SIZE);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write8(sd_serialize *p, u8 b)
|
|
|
|
|
{
|
|
|
|
|
u8 *c;
|
|
|
|
|
if (!sd_prepare_write(p, SD_U8, sizeof(b)))
|
|
|
|
|
return 0;
|
|
|
|
|
c = (u8 *) p->pos;
|
|
|
|
|
*c = b;
|
|
|
|
|
sd_inc(p, 1);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write16(sd_serialize *p, u16 b)
|
|
|
|
|
{
|
|
|
|
|
u16 tmp;
|
|
|
|
|
if (!sd_prepare_write(p, SD_U16, sizeof(b)))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le16(b);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write32(sd_serialize *p, u32 b)
|
|
|
|
|
{
|
|
|
|
|
u32 tmp;
|
|
|
|
|
if (!sd_prepare_write(p, SD_U32, sizeof(b)))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le32(b);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-06 18:55:46 +00:00
|
|
|
inline int sd_write64(sd_serialize *p, u64 b)
|
|
|
|
|
{
|
|
|
|
|
u64 tmp;
|
|
|
|
|
if (!sd_prepare_write(p, SD_U64, sizeof(b)))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le64(b);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
inline int sd_write_name(sd_serialize *p, char *name)
|
|
|
|
|
{
|
|
|
|
|
long size = 0;
|
|
|
|
|
PDEBUG("Writing name '%s'\n", name);
|
|
|
|
|
if (name) {
|
|
|
|
|
u16 tmp;
|
|
|
|
|
size = strlen(name) + 1;
|
|
|
|
|
if (!sd_prepare_write(p, SD_NAME, SD_STR_LEN + size))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le16(size);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
memcpy(p->pos, name, size);
|
|
|
|
|
sd_inc(p, size);
|
|
|
|
|
}
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write_blob(sd_serialize *p, void *b, int buf_size, char *name)
|
|
|
|
|
{
|
|
|
|
|
u32 tmp;
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_prepare_write(p, SD_BLOB, 4 + buf_size))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le32(buf_size);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
memcpy(p->pos, b, buf_size);
|
|
|
|
|
sd_inc(p, buf_size);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-27 02:29:16 +00:00
|
|
|
#define align64(X) (((size_t) (X) + (size_t) 7) & ~((size_t) 7))
|
|
|
|
|
inline int sd_write_aligned_blob(sd_serialize *p, void *b, int buf_size,
|
|
|
|
|
char *name)
|
|
|
|
|
{
|
|
|
|
|
size_t pad;
|
|
|
|
|
u32 tmp;
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
pad = align64((p->pos + 5) - p->buffer) - ((p->pos + 5) - p->buffer);
|
|
|
|
|
if (!sd_prepare_write(p, SD_BLOB, 4 + buf_size + pad))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le32(buf_size + pad);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
memset(p->pos, 0, pad);
|
|
|
|
|
sd_inc(p, pad);
|
|
|
|
|
memcpy(p->pos, b, buf_size);
|
|
|
|
|
sd_inc(p, buf_size);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
static int sd_write_strn(sd_serialize *p, char *b, int size, char *name)
|
2006-04-11 21:52:54 +00:00
|
|
|
{
|
|
|
|
|
u16 tmp;
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_prepare_write(p, SD_STRING, SD_STR_LEN + size))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le16(size);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
memcpy(p->pos, b, size);
|
|
|
|
|
sd_inc(p, size);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
inline int sd_write_string(sd_serialize *p, char *b, char *name)
|
|
|
|
|
{
|
|
|
|
|
return sd_write_strn(p, b, strlen(b) + 1, name);
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
inline int sd_write_struct(sd_serialize *p, char *name)
|
|
|
|
|
{
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_prepare_write(p, SD_STRUCT, 0))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write_structend(sd_serialize *p)
|
|
|
|
|
{
|
|
|
|
|
if (!sd_prepare_write(p, SD_STRUCTEND, 0))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2007-07-27 20:29:47 +00:00
|
|
|
inline int sd_write_array(sd_serialize *p, char *name, int size)
|
|
|
|
|
{
|
|
|
|
|
u16 tmp;
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_prepare_write(p, SD_ARRAY, 2))
|
|
|
|
|
return 0;
|
|
|
|
|
tmp = cpu_to_le16(size);
|
|
|
|
|
memcpy(p->pos, &tmp, sizeof(tmp));
|
|
|
|
|
sd_inc(p, sizeof(tmp));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write_arrayend(sd_serialize *p)
|
|
|
|
|
{
|
|
|
|
|
if (!sd_prepare_write(p, SD_ARRAYEND, 0))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
inline int sd_write_list(sd_serialize *p, char *name)
|
|
|
|
|
{
|
|
|
|
|
if (!sd_write_name(p, name))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_prepare_write(p, SD_LIST, 0))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
inline int sd_write_listend(sd_serialize *p)
|
|
|
|
|
{
|
|
|
|
|
if (!sd_prepare_write(p, SD_LISTEND, 0))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-27 02:29:16 +00:00
|
|
|
int sd_serialize_dfa(sd_serialize *p, void *dfa, size_t size)
|
|
|
|
|
{
|
|
|
|
|
if (dfa && !sd_write_aligned_blob(p, dfa, size, "aadfa"))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-06 18:55:46 +00:00
|
|
|
int sd_serialize_rlimits(sd_serialize *p, struct aa_rlimits *limits)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
if (!limits->specified)
|
|
|
|
|
return 1;
|
|
|
|
|
if (!sd_write_struct(p, "rlimits"))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, limits->specified))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write_array(p, NULL, RLIM_NLIMITS))
|
|
|
|
|
return 0;
|
|
|
|
|
for (i = 0; i < RLIM_NLIMITS; i++) {
|
|
|
|
|
if (!sd_write64(p, limits->limits[i]))
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
if (!sd_write_arrayend(p))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write_structend(p))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
int sd_serialize_xtable(sd_serialize *p, char **table)
|
|
|
|
|
{
|
|
|
|
|
int count, i;
|
|
|
|
|
if (!table[4])
|
|
|
|
|
return 1;
|
|
|
|
|
if (!sd_write_struct(p, "xtable"))
|
|
|
|
|
return 0;
|
|
|
|
|
count = 0;
|
|
|
|
|
for (i = 4; i < AA_EXEC_COUNT; i++) {
|
|
|
|
|
if (table[i])
|
|
|
|
|
count++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!sd_write_array(p, NULL, count))
|
|
|
|
|
return 0;
|
2008-04-16 06:54:51 +00:00
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
for (i = 4; i < count + 4; i++) {
|
|
|
|
|
int len = strlen(table[i]) + 1;
|
|
|
|
|
|
|
|
|
|
/* if its a namespace make sure the second : is overwritten
|
|
|
|
|
* with 0, so that the namespace and name are \0 seperated
|
|
|
|
|
*/
|
|
|
|
|
if (*table[i] == ':') {
|
|
|
|
|
char *tmp = table[i] + 1;
|
|
|
|
|
strsep(&tmp, ":");
|
|
|
|
|
}
|
2008-04-16 06:54:51 +00:00
|
|
|
if (!sd_write_strn(p, table[i], len, NULL))
|
2008-04-16 04:45:02 +00:00
|
|
|
return 0;
|
2008-04-16 06:54:51 +00:00
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
}
|
|
|
|
|
if (!sd_write_arrayend(p))
|
|
|
|
|
return 0;
|
2008-04-16 06:54:51 +00:00
|
|
|
|
2008-04-16 04:45:02 +00:00
|
|
|
if (!sd_write_structend(p))
|
|
|
|
|
return 0;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
int count_file_ents(struct cod_entry *list)
|
|
|
|
|
{
|
2007-02-27 02:29:16 +00:00
|
|
|
struct cod_entry *entry;
|
2006-04-11 21:52:54 +00:00
|
|
|
int count = 0;
|
2007-02-27 02:29:16 +00:00
|
|
|
list_for_each(list, entry) {
|
|
|
|
|
if (entry->pattern_type == ePatternBasic) {
|
2006-04-11 21:52:54 +00:00
|
|
|
count++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int count_tailglob_ents(struct cod_entry *list)
|
|
|
|
|
{
|
2007-02-27 02:29:16 +00:00
|
|
|
struct cod_entry *entry;
|
2006-04-11 21:52:54 +00:00
|
|
|
int count = 0;
|
2007-02-27 02:29:16 +00:00
|
|
|
list_for_each(list, entry) {
|
|
|
|
|
if (entry->pattern_type == ePatternTailGlob) {
|
2006-04-11 21:52:54 +00:00
|
|
|
count++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-26 21:09:46 +00:00
|
|
|
int sd_serialize_profile(sd_serialize *p, struct codomain *profile,
|
|
|
|
|
int flattened)
|
2006-04-11 21:52:54 +00:00
|
|
|
{
|
2009-08-20 15:27:12 +00:00
|
|
|
uint64_t allowed_caps;
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
if (!sd_write_struct(p, "profile"))
|
|
|
|
|
return 0;
|
2007-06-26 21:09:46 +00:00
|
|
|
if (flattened) {
|
|
|
|
|
assert(profile->parent);
|
|
|
|
|
int res;
|
|
|
|
|
|
|
|
|
|
char *name = malloc(3 + strlen(profile->name) +
|
|
|
|
|
strlen(profile->parent->name));
|
|
|
|
|
if (!name)
|
|
|
|
|
return 0;
|
|
|
|
|
sprintf(name, "%s//%s", profile->parent->name, profile->name);
|
|
|
|
|
res = sd_write_string(p, name, NULL);
|
|
|
|
|
free(name);
|
|
|
|
|
if (!res)
|
|
|
|
|
return 0;
|
|
|
|
|
} else {
|
|
|
|
|
if (!sd_write_string(p, profile->name, NULL))
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2009-07-30 06:09:19 +00:00
|
|
|
|
2009-11-11 10:56:04 -08:00
|
|
|
/* only emit this if current kernel at least supports "create" */
|
|
|
|
|
if (perms_create) {
|
|
|
|
|
if (regex_type == AARE_DFA && profile->xmatch) {
|
|
|
|
|
if (!sd_serialize_dfa(p, profile->xmatch, profile->xmatch_size))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, profile->xmatch_len))
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2009-07-30 06:09:19 +00:00
|
|
|
}
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
if (!sd_write_struct(p, "flags"))
|
|
|
|
|
return 0;
|
|
|
|
|
/* used to be flags.debug, but that's no longer supported */
|
2008-06-09 11:48:13 +00:00
|
|
|
if (!sd_write32(p, profile->flags.hat))
|
2006-04-11 21:52:54 +00:00
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, profile->flags.complain))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, profile->flags.audit))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write_structend(p))
|
|
|
|
|
return 0;
|
2010-02-17 12:21:52 -08:00
|
|
|
if (profile->flags.path) {
|
|
|
|
|
int flags = 0;
|
|
|
|
|
if (profile->flags.path & PATH_CHROOT_REL)
|
|
|
|
|
flags |= 0x8;
|
|
|
|
|
if (profile->flags.path & PATH_MEDIATE_DELETED)
|
|
|
|
|
flags |= 0x10000;
|
|
|
|
|
if (profile->flags.path & PATH_ATTACH)
|
|
|
|
|
flags |= 0x4;
|
|
|
|
|
if (profile->flags.path & PATH_CHROOT_NSATTACH)
|
|
|
|
|
flags |= 0x10;
|
|
|
|
|
|
|
|
|
|
if (!sd_write_name(p, "path_flags") ||
|
|
|
|
|
!sd_write32(p, flags))
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2009-08-20 15:27:12 +00:00
|
|
|
|
|
|
|
|
#define low_caps(X) ((u32) ((X) & 0xffffffff))
|
|
|
|
|
#define high_caps(X) ((u32) (((X) >> 32) & 0xffffffff))
|
|
|
|
|
allowed_caps = (profile->capabilities | profile->set_caps) &
|
|
|
|
|
~profile->deny_caps;
|
|
|
|
|
if (!sd_write32(p, low_caps(allowed_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, low_caps(allowed_caps & profile->audit_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, low_caps(profile->deny_caps & profile->quiet_caps)))
|
Add Audit control to AppArmor through, the use of audit and deny
key words. Deny is also used to subtract permissions from the
profiles permission set.
the audit key word can be prepended to any file, network, or capability
rule, to force a selective audit when that rule is matched. Audit
permissions accumulate just like standard permissions.
eg.
audit /bin/foo rw,
will force an audit message when the file /bin/foo is opened for
read or write.
audit /etc/shadow w,
/etc/shadow r,
will force an audit message when /etc/shadow is opened for writing.
The audit message is per permission bit so only opening the file
for read access will not, force an audit message.
audit can also be used in block form instead of prepending audit
to every rule.
audit {
/bin/foo rw,
/etc/shadow w,
}
/etc/shadow r, # don't audit r access to /etc/shadow
the deny key word can be prepended to file, network and capability
rules, to result in a denial of permissions when matching that rule.
The deny rule specifically does 3 things
- it gives AppArmor the ability to remember what has been denied
so that the tools don't prompt for what has been denied in
previous profiling sessions.
- it subtracts globally from the allowed permissions. Deny permissions
accumulate in the the deny set just as allow permissions accumulate
then, the deny set is subtracted from the allow set.
- it quiets known rejects. The default audit behavior of deny rules
is to quiet known rejects so that audit logs are not flooded
with already known rejects. To have known rejects logged prepend
the audit keyword to the deny rule. Deny rules do not have a
block form.
eg.
deny /foo/bar rw,
audit deny /etc/shadow w,
audit {
deny owner /blah w,
deny other /foo w,
deny /etc/shadow w,
}
2008-03-13 17:39:03 +00:00
|
|
|
return 0;
|
2009-08-20 15:27:12 +00:00
|
|
|
if (!sd_write32(p, low_caps(profile->set_caps & ~profile->deny_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (!sd_write_struct(p, "caps64"))
|
Add Audit control to AppArmor through, the use of audit and deny
key words. Deny is also used to subtract permissions from the
profiles permission set.
the audit key word can be prepended to any file, network, or capability
rule, to force a selective audit when that rule is matched. Audit
permissions accumulate just like standard permissions.
eg.
audit /bin/foo rw,
will force an audit message when the file /bin/foo is opened for
read or write.
audit /etc/shadow w,
/etc/shadow r,
will force an audit message when /etc/shadow is opened for writing.
The audit message is per permission bit so only opening the file
for read access will not, force an audit message.
audit can also be used in block form instead of prepending audit
to every rule.
audit {
/bin/foo rw,
/etc/shadow w,
}
/etc/shadow r, # don't audit r access to /etc/shadow
the deny key word can be prepended to file, network and capability
rules, to result in a denial of permissions when matching that rule.
The deny rule specifically does 3 things
- it gives AppArmor the ability to remember what has been denied
so that the tools don't prompt for what has been denied in
previous profiling sessions.
- it subtracts globally from the allowed permissions. Deny permissions
accumulate in the the deny set just as allow permissions accumulate
then, the deny set is subtracted from the allow set.
- it quiets known rejects. The default audit behavior of deny rules
is to quiet known rejects so that audit logs are not flooded
with already known rejects. To have known rejects logged prepend
the audit keyword to the deny rule. Deny rules do not have a
block form.
eg.
deny /foo/bar rw,
audit deny /etc/shadow w,
audit {
deny owner /blah w,
deny other /foo w,
deny /etc/shadow w,
}
2008-03-13 17:39:03 +00:00
|
|
|
return 0;
|
2009-08-20 15:27:12 +00:00
|
|
|
if (!sd_write32(p, high_caps(allowed_caps)))
|
2006-04-11 21:52:54 +00:00
|
|
|
return 0;
|
2009-08-20 15:27:12 +00:00
|
|
|
if (!sd_write32(p, high_caps(allowed_caps & profile->audit_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, high_caps(profile->deny_caps & profile->quiet_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write32(p, high_caps(profile->set_caps & ~profile->deny_caps)))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write_structend(p))
|
2008-04-06 18:55:27 +00:00
|
|
|
return 0;
|
2006-04-11 21:52:54 +00:00
|
|
|
|
2008-04-06 18:55:46 +00:00
|
|
|
if (!sd_serialize_rlimits(p, &profile->rlimits))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2010-08-26 10:37:46 -07:00
|
|
|
if (profile->network_allowed && kernel_supports_network) {
|
2009-07-24 17:24:41 +00:00
|
|
|
size_t i;
|
|
|
|
|
if (!sd_write_array(p, "net_allowed_af", get_af_max()))
|
2007-07-27 20:29:47 +00:00
|
|
|
return 0;
|
2009-07-24 17:24:41 +00:00
|
|
|
for (i = 0; i < get_af_max(); i++) {
|
Add Audit control to AppArmor through, the use of audit and deny
key words. Deny is also used to subtract permissions from the
profiles permission set.
the audit key word can be prepended to any file, network, or capability
rule, to force a selective audit when that rule is matched. Audit
permissions accumulate just like standard permissions.
eg.
audit /bin/foo rw,
will force an audit message when the file /bin/foo is opened for
read or write.
audit /etc/shadow w,
/etc/shadow r,
will force an audit message when /etc/shadow is opened for writing.
The audit message is per permission bit so only opening the file
for read access will not, force an audit message.
audit can also be used in block form instead of prepending audit
to every rule.
audit {
/bin/foo rw,
/etc/shadow w,
}
/etc/shadow r, # don't audit r access to /etc/shadow
the deny key word can be prepended to file, network and capability
rules, to result in a denial of permissions when matching that rule.
The deny rule specifically does 3 things
- it gives AppArmor the ability to remember what has been denied
so that the tools don't prompt for what has been denied in
previous profiling sessions.
- it subtracts globally from the allowed permissions. Deny permissions
accumulate in the the deny set just as allow permissions accumulate
then, the deny set is subtracted from the allow set.
- it quiets known rejects. The default audit behavior of deny rules
is to quiet known rejects so that audit logs are not flooded
with already known rejects. To have known rejects logged prepend
the audit keyword to the deny rule. Deny rules do not have a
block form.
eg.
deny /foo/bar rw,
audit deny /etc/shadow w,
audit {
deny owner /blah w,
deny other /foo w,
deny /etc/shadow w,
}
2008-03-13 17:39:03 +00:00
|
|
|
u16 allowed = profile->network_allowed[i] &
|
|
|
|
|
~profile->deny_network[i];
|
|
|
|
|
if (!sd_write16(p, allowed))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write16(p, allowed & profile->audit_network[i]))
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write16(p, profile->deny_network[i] & profile->quiet_network[i]))
|
2007-07-27 20:29:47 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
if (!sd_write_arrayend(p))
|
|
|
|
|
return 0;
|
2010-08-26 10:37:46 -07:00
|
|
|
} else if (profile->network_allowed)
|
|
|
|
|
pwarn(_("profile %s network rules not enforced\n"), profile->name);
|
2007-07-27 20:29:47 +00:00
|
|
|
|
2007-02-27 02:29:16 +00:00
|
|
|
/* either have a single dfa or lists of different entry types */
|
|
|
|
|
if (regex_type == AARE_DFA) {
|
|
|
|
|
if (!sd_serialize_dfa(p, profile->dfa, profile->dfa_size))
|
2006-04-11 21:52:54 +00:00
|
|
|
return 0;
|
2008-04-16 04:45:02 +00:00
|
|
|
|
|
|
|
|
if (!sd_serialize_xtable(p, profile->exec_table))
|
|
|
|
|
return 0;
|
2007-02-27 02:29:16 +00:00
|
|
|
} else {
|
2010-07-31 16:00:52 -07:00
|
|
|
PERROR(_("Unknown pattern type\n"));
|
|
|
|
|
return 1;
|
2006-04-11 21:52:54 +00:00
|
|
|
}
|
|
|
|
|
|
2007-06-26 21:09:46 +00:00
|
|
|
if (profile->hat_table && regex_type != AARE_DFA) {
|
2006-04-11 21:52:54 +00:00
|
|
|
if (!sd_write_list(p, "hats"))
|
|
|
|
|
return 0;
|
|
|
|
|
if (load_hats(p, profile) != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
if (!sd_write_listend(p))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
if (!sd_write_structend(p))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int sd_serialize_top_profile(sd_serialize *p, struct codomain *profile)
|
|
|
|
|
{
|
2007-02-27 02:29:16 +00:00
|
|
|
int version;
|
|
|
|
|
|
|
|
|
|
if (regex_type == AARE_DFA)
|
|
|
|
|
version = SUBDOMAIN_INTERFACE_DFA_VERSION;
|
|
|
|
|
else
|
|
|
|
|
version = SUBDOMAIN_INTERFACE_VERSION;
|
|
|
|
|
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
if (!sd_write_name(p, "version"))
|
|
|
|
|
return 0;
|
2007-02-27 02:29:16 +00:00
|
|
|
|
|
|
|
|
if (!sd_write32(p, version))
|
2006-04-11 21:52:54 +00:00
|
|
|
return 0;
|
2007-11-16 09:18:48 +00:00
|
|
|
|
|
|
|
|
if (profile_namespace) {
|
|
|
|
|
if (!sd_write_string(p, profile_namespace, "namespace"))
|
|
|
|
|
return 0;
|
|
|
|
|
} else if (profile->namespace) {
|
|
|
|
|
if (!sd_write_string(p, profile->namespace, "namespace"))
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-26 21:09:46 +00:00
|
|
|
return sd_serialize_profile(p, profile, profile->parent ? 1 : 0);
|
2006-04-11 21:52:54 +00:00
|
|
|
}
|
|
|
|
|
|
2009-07-24 07:36:09 +00:00
|
|
|
int cache_fd = -1;
|
2006-04-11 21:52:54 +00:00
|
|
|
int sd_serialize_codomain(int option, struct codomain *cod)
|
|
|
|
|
{
|
2010-07-26 09:22:45 -07:00
|
|
|
int fd = -1;
|
2009-07-24 23:47:46 +00:00
|
|
|
int error = -ENOMEM, size, wsize;
|
2006-04-11 21:52:54 +00:00
|
|
|
sd_serialize *work_area;
|
|
|
|
|
char *filename = NULL;
|
|
|
|
|
|
|
|
|
|
switch (option) {
|
|
|
|
|
case OPTION_ADD:
|
2009-07-24 23:47:46 +00:00
|
|
|
if (asprintf(&filename, "%s/.load", subdomainbase) == -1)
|
|
|
|
|
goto exit;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) fd = open(filename, O_WRONLY);
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
case OPTION_REPLACE:
|
2009-07-24 23:47:46 +00:00
|
|
|
if (asprintf(&filename, "%s/.replace", subdomainbase) == -1)
|
|
|
|
|
goto exit;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) fd = open(filename, O_WRONLY);
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
case OPTION_REMOVE:
|
2009-07-24 23:47:46 +00:00
|
|
|
if (asprintf(&filename, "%s/.remove", subdomainbase) == -1)
|
|
|
|
|
goto exit;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) fd = open(filename, O_WRONLY);
|
2006-04-11 21:52:54 +00:00
|
|
|
break;
|
|
|
|
|
case OPTION_STDOUT:
|
|
|
|
|
filename = "stdout";
|
|
|
|
|
fd = dup(1);
|
|
|
|
|
break;
|
2010-06-26 13:13:52 -07:00
|
|
|
case OPTION_OFILE:
|
|
|
|
|
fd = dup(fileno(ofile));
|
|
|
|
|
break;
|
2006-04-11 21:52:54 +00:00
|
|
|
default:
|
|
|
|
|
error = -EINVAL;
|
|
|
|
|
goto exit;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-14 12:38:38 -07:00
|
|
|
if (fd < 0 && (kernel_load || option == OPTION_OFILE || option == OPTION_STDOUT)) {
|
|
|
|
|
PERROR(_("Unable to open %s - %s\n"), filename,
|
|
|
|
|
strerror(errno));
|
2006-04-11 21:52:54 +00:00
|
|
|
error = -errno;
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-24 23:47:46 +00:00
|
|
|
error = 0;
|
|
|
|
|
|
2010-06-26 13:13:52 -07:00
|
|
|
if (option != OPTION_STDOUT && option != OPTION_OFILE)
|
2006-12-19 17:44:53 +00:00
|
|
|
free(filename);
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
if (option == OPTION_REMOVE) {
|
2007-11-16 09:18:48 +00:00
|
|
|
char *name, *ns = NULL;
|
|
|
|
|
int len = 0;
|
|
|
|
|
|
|
|
|
|
if (profile_namespace) {
|
|
|
|
|
len += strlen(profile_namespace) + 1;
|
|
|
|
|
ns = profile_namespace;
|
|
|
|
|
} else if (cod->namespace) {
|
|
|
|
|
len += strlen(cod->namespace) + 1;
|
|
|
|
|
ns = cod->namespace;
|
|
|
|
|
}
|
2007-06-26 21:09:46 +00:00
|
|
|
if (cod->parent) {
|
|
|
|
|
name = malloc(strlen(cod->name) + 3 +
|
2007-11-16 09:18:48 +00:00
|
|
|
strlen(cod->parent->name) + len);
|
|
|
|
|
if (!name) {
|
|
|
|
|
PERROR(_("Memory Allocation Error: Unable to remove ^%s\n"), cod->name);
|
|
|
|
|
error = -errno;
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
|
|
|
|
if (ns)
|
|
|
|
|
sprintf(name, "%s:%s//%s", ns,
|
|
|
|
|
cod->parent->name, cod->name);
|
|
|
|
|
else
|
|
|
|
|
sprintf(name, "%s//%s", cod->parent->name,
|
|
|
|
|
cod->name);
|
|
|
|
|
} else if (ns) {
|
|
|
|
|
name = malloc(len + strlen(cod->name) + 1);
|
2007-06-26 21:09:46 +00:00
|
|
|
if (!name) {
|
2007-11-16 09:18:48 +00:00
|
|
|
PERROR(_("Memory Allocation Error: Unable to remove %s:%s."), ns, cod->name);
|
2007-06-26 21:09:46 +00:00
|
|
|
error = -errno;
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
2007-11-16 09:18:48 +00:00
|
|
|
sprintf(name, "%s:%s", ns, cod->name);
|
2007-06-26 21:09:46 +00:00
|
|
|
} else {
|
|
|
|
|
name = cod->name;
|
|
|
|
|
}
|
|
|
|
|
size = strlen(name) + 1;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) {
|
|
|
|
|
wsize = write(fd, name, size);
|
|
|
|
|
if (wsize < 0)
|
|
|
|
|
error = -errno;
|
|
|
|
|
}
|
2007-11-16 09:18:48 +00:00
|
|
|
if (cod->parent || ns)
|
2007-06-26 21:09:46 +00:00
|
|
|
free(name);
|
2006-04-11 21:52:54 +00:00
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
work_area = alloc_sd_serial();
|
|
|
|
|
if (!work_area) {
|
|
|
|
|
close(fd);
|
|
|
|
|
PERROR(_("unable to create work area\n"));
|
|
|
|
|
error = -ENOMEM;
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!sd_serialize_top_profile(work_area, cod)) {
|
|
|
|
|
close(fd);
|
|
|
|
|
free_sd_serial(work_area);
|
|
|
|
|
PERROR(_("unable to serialize profile %s\n"),
|
|
|
|
|
cod->name);
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
size = work_area->pos - work_area->buffer;
|
2010-06-26 13:13:52 -07:00
|
|
|
if (kernel_load || option == OPTION_STDOUT || option == OPTION_OFILE) {
|
2009-11-11 10:56:04 -08:00
|
|
|
wsize = write(fd, work_area->buffer, size);
|
|
|
|
|
if (wsize < 0) {
|
|
|
|
|
error = -errno;
|
|
|
|
|
} else if (wsize < size) {
|
|
|
|
|
PERROR(_("%s: Unable to write entire profile entry\n"),
|
|
|
|
|
progname);
|
|
|
|
|
error = -EIO;
|
|
|
|
|
}
|
2009-07-24 07:36:09 +00:00
|
|
|
}
|
|
|
|
|
if (cache_fd != -1) {
|
|
|
|
|
wsize = write(cache_fd, work_area->buffer, size);
|
|
|
|
|
if (wsize < 0) {
|
|
|
|
|
error = -errno;
|
|
|
|
|
} else if (wsize < size) {
|
|
|
|
|
PERROR(_("%s: Unable to write entire profile entry to cache\n"),
|
|
|
|
|
progname);
|
|
|
|
|
error = -EIO;
|
|
|
|
|
}
|
2006-04-11 21:52:54 +00:00
|
|
|
}
|
|
|
|
|
free_sd_serial(work_area);
|
|
|
|
|
}
|
|
|
|
|
|
2010-06-26 13:13:52 -07:00
|
|
|
close(fd);
|
2006-04-11 21:52:54 +00:00
|
|
|
|
2010-03-09 01:38:12 -08:00
|
|
|
if (cod->hat_table && regex_type == AARE_DFA && option != OPTION_REMOVE) {
|
2007-06-26 21:09:46 +00:00
|
|
|
if (load_flattened_hats(cod) != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-04-11 21:52:54 +00:00
|
|
|
exit:
|
|
|
|
|
return error;
|
|
|
|
|
}
|
2008-06-09 10:00:28 +00:00
|
|
|
|
2008-09-10 08:44:53 +00:00
|
|
|
/* bleah the kernel should just loop and do multiple load, but to support
|
|
|
|
|
* older systems we need to do this
|
|
|
|
|
*/
|
|
|
|
|
#define PROFILE_HEADER_SIZE
|
|
|
|
|
static char header_version[] = "\x04\x08\x00version";
|
|
|
|
|
|
|
|
|
|
static char *next_profile_buffer(char *buffer, int size)
|
|
|
|
|
{
|
|
|
|
|
char *b = buffer;
|
|
|
|
|
|
|
|
|
|
for (; size - sizeof(header_version); b++, size--) {
|
|
|
|
|
if (memcmp(b, header_version, sizeof(header_version)) == 0) {
|
|
|
|
|
return b;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-09 10:00:28 +00:00
|
|
|
int sd_load_buffer(int option, char *buffer, int size)
|
|
|
|
|
{
|
2010-07-26 09:22:45 -07:00
|
|
|
int fd = -1;
|
2009-07-24 23:47:46 +00:00
|
|
|
int error = -ENOMEM, wsize, bsize;
|
2008-06-09 10:00:28 +00:00
|
|
|
char *filename = NULL;
|
2008-09-10 08:44:53 +00:00
|
|
|
char *b;
|
2008-06-09 10:00:28 +00:00
|
|
|
|
|
|
|
|
switch (option) {
|
|
|
|
|
case OPTION_ADD:
|
2009-07-24 23:47:46 +00:00
|
|
|
if (asprintf(&filename, "%s/.load", subdomainbase) == -1)
|
|
|
|
|
goto exit;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) fd = open(filename, O_WRONLY);
|
2008-06-09 10:00:28 +00:00
|
|
|
break;
|
|
|
|
|
case OPTION_REPLACE:
|
2009-07-24 23:47:46 +00:00
|
|
|
if (asprintf(&filename, "%s/.replace", subdomainbase) == -1)
|
|
|
|
|
goto exit;
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) fd = open(filename, O_WRONLY);
|
2008-06-09 10:00:28 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
error = -EINVAL;
|
|
|
|
|
goto exit;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load && fd < 0) {
|
2008-06-09 10:00:28 +00:00
|
|
|
PERROR(_("Unable to open %s - %s\n"), filename,
|
|
|
|
|
strerror(errno));
|
|
|
|
|
error = -errno;
|
|
|
|
|
goto exit;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-24 23:47:46 +00:00
|
|
|
error = 0;
|
2008-09-10 08:44:53 +00:00
|
|
|
for (b = buffer; b ; b = next_profile_buffer(b + sizeof(header_version), bsize)) {
|
|
|
|
|
bsize = size - (b - buffer);
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) {
|
|
|
|
|
wsize = write(fd, b, bsize);
|
|
|
|
|
if (wsize < 0) {
|
|
|
|
|
error = -errno;
|
|
|
|
|
} else if (wsize < bsize) {
|
|
|
|
|
PERROR(_("%s: Unable to write entire profile entry\n"),
|
|
|
|
|
progname);
|
|
|
|
|
}
|
2008-09-10 08:44:53 +00:00
|
|
|
}
|
2008-06-09 10:00:28 +00:00
|
|
|
}
|
2009-11-11 10:56:04 -08:00
|
|
|
if (kernel_load) close(fd);
|
2008-06-09 10:00:28 +00:00
|
|
|
exit:
|
|
|
|
|
free(filename);
|
|
|
|
|
return error;
|
|
|
|
|
}
|