apparmorfs.h source code [linux/security/apparmor/include/apparmorfs.h]

1	/ SPDX-License-Identifier: GPL-2.0-only /
2	/*
3	* AppArmor security module
4	*
5	* This file contains AppArmor filesystem definitions.
6	*
7	* Copyright (C) 1998-2008 Novell/SUSE
8	* Copyright 2009-2010 Canonical Ltd.
9	*/
10
11	#ifndef __AA_APPARMORFS_H
12	#define __AA_APPARMORFS_H
13
14	extern struct path aa_null;
15
16	enum aa_sfs_type {
17	AA_SFS_TYPE_BOOLEAN,
18	AA_SFS_TYPE_STRING,
19	AA_SFS_TYPE_U64,
20	AA_SFS_TYPE_FOPS,
21	AA_SFS_TYPE_DIR,
22	};
23
24	struct aa_sfs_entry;
25
26	struct aa_sfs_entry {
27	const char *name;
28	struct dentry *dentry;
29	umode_t mode;
30	enum aa_sfs_type v_type;
31	union {
32	bool boolean;
33	char *string;
34	unsigned long u64;
35	struct aa_sfs_entry *files;
36	} v;
37	const struct file_operations *file_ops;
38	};
39
40	extern const struct file_operations aa_sfs_seq_file_ops;
41
42	#define AA_SFS_FILE_BOOLEAN(_name, _value) \
43	{ .name = (_name), .mode = 0444, \
44	.v_type = AA_SFS_TYPE_BOOLEAN, .v.boolean = (_value), \
45	.file_ops = &aa_sfs_seq_file_ops }
46	#define AA_SFS_FILE_STRING(_name, _value) \
47	{ .name = (_name), .mode = 0444, \
48	.v_type = AA_SFS_TYPE_STRING, .v.string = (_value), \
49	.file_ops = &aa_sfs_seq_file_ops }
50	#define AA_SFS_FILE_U64(_name, _value) \
51	{ .name = (_name), .mode = 0444, \
52	.v_type = AA_SFS_TYPE_U64, .v.u64 = (_value), \
53	.file_ops = &aa_sfs_seq_file_ops }
54	#define AA_SFS_FILE_FOPS(_name, _mode, _fops) \
55	{ .name = (_name), .v_type = AA_SFS_TYPE_FOPS, \
56	.mode = (_mode), .file_ops = (_fops) }
57	#define AA_SFS_DIR(_name, _value) \
58	{ .name = (_name), .v_type = AA_SFS_TYPE_DIR, .v.files = (_value) }
59
60	extern void __init aa_destroy_aafs(void);
61
62	struct aa_profile;
63	struct aa_ns;
64
65	enum aafs_ns_type {
66	AAFS_NS_DIR,
67	AAFS_NS_PROFS,
68	AAFS_NS_NS,
69	AAFS_NS_RAW_DATA,
70	AAFS_NS_LOAD,
71	AAFS_NS_REPLACE,
72	AAFS_NS_REMOVE,
73	AAFS_NS_REVISION,
74	AAFS_NS_COUNT,
75	AAFS_NS_MAX_COUNT,
76	AAFS_NS_SIZE,
77	AAFS_NS_MAX_SIZE,
78	AAFS_NS_OWNER,
79	AAFS_NS_SIZEOF,
80	};
81
82	enum aafs_prof_type {
83	AAFS_PROF_DIR,
84	AAFS_PROF_PROFS,
85	AAFS_PROF_NAME,
86	AAFS_PROF_MODE,
87	AAFS_PROF_ATTACH,
88	AAFS_PROF_HASH,
89	AAFS_PROF_RAW_DATA,
90	AAFS_PROF_RAW_HASH,
91	AAFS_PROF_RAW_ABI,
92	AAFS_PROF_SIZEOF,
93	};
94
95	#define ns_dir(X) ((X)->dents[AAFS_NS_DIR])
96	#define ns_subns_dir(X) ((X)->dents[AAFS_NS_NS])
97	#define ns_subprofs_dir(X) ((X)->dents[AAFS_NS_PROFS])
98	#define ns_subdata_dir(X) ((X)->dents[AAFS_NS_RAW_DATA])
99	#define ns_subload(X) ((X)->dents[AAFS_NS_LOAD])
100	#define ns_subreplace(X) ((X)->dents[AAFS_NS_REPLACE])
101	#define ns_subremove(X) ((X)->dents[AAFS_NS_REMOVE])
102	#define ns_subrevision(X) ((X)->dents[AAFS_NS_REVISION])
103
104	#define prof_dir(X) ((X)->dents[AAFS_PROF_DIR])
105	#define prof_child_dir(X) ((X)->dents[AAFS_PROF_PROFS])
106
107	void __aa_bump_ns_revision(struct aa_ns *ns);
108	void __aafs_profile_rmdir(struct aa_profile *profile);
109	void __aafs_profile_migrate_dents(struct aa_profile *old,
110	struct aa_profile *new);
111	int __aafs_profile_mkdir(struct aa_profile profile, struct* dentry *parent);
112	void __aafs_ns_rmdir(struct aa_ns *ns);
113	int __aafs_ns_mkdir(struct aa_ns ns, struct* dentry parent, const* char *name,
114	struct dentry *dent);
115
116	struct aa_loaddata;
117
118	#ifdef CONFIG_SECURITY_APPARMOR_EXPORT_BINARY
119	void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata);
120	int __aa_fs_create_rawdata(struct aa_ns ns, struct* aa_loaddata *rawdata);
121	#else
122	static inline void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata)
123	{
124	/ empty stub /
125	}
126
127	static inline int __aa_fs_create_rawdata(struct aa_ns *ns,
128	struct aa_loaddata *rawdata)
129	{
130	return `0`;
131	}
132	#endif /* CONFIG_SECURITY_APPARMOR_EXPORT_BINARY */
133
134	#endif /* __AA_APPARMORFS_H */
135

source code of linux/security/apparmor/include/apparmorfs.h