1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
2 | /* |
3 | * AppArmor security module |
4 | * |
5 | * This file contains AppArmor resource limits function definitions. |
6 | * |
7 | * Copyright (C) 1998-2008 Novell/SUSE |
8 | * Copyright 2009-2010 Canonical Ltd. |
9 | */ |
10 | |
11 | #ifndef __AA_RESOURCE_H |
12 | #define __AA_RESOURCE_H |
13 | |
14 | #include <linux/resource.h> |
15 | #include <linux/sched.h> |
16 | |
17 | #include "apparmorfs.h" |
18 | |
19 | struct aa_profile; |
20 | |
21 | /* struct aa_rlimit - rlimit settings for the profile |
22 | * @mask: which hard limits to set |
23 | * @limits: rlimit values that override task limits |
24 | * |
25 | * AppArmor rlimits are used to set confined task rlimits. Only the |
26 | * limits specified in @mask will be controlled by apparmor. |
27 | */ |
28 | struct aa_rlimit { |
29 | unsigned int mask; |
30 | struct rlimit limits[RLIM_NLIMITS]; |
31 | }; |
32 | |
33 | extern struct aa_sfs_entry aa_sfs_entry_rlimit[]; |
34 | |
35 | int aa_map_resource(int resource); |
36 | int aa_task_setrlimit(const struct cred *subj_cred, struct aa_label *label, |
37 | struct task_struct *task, |
38 | unsigned int resource, struct rlimit *new_rlim); |
39 | |
40 | void __aa_transition_rlimits(struct aa_label *old, struct aa_label *new); |
41 | |
42 | static inline void aa_free_rlimit_rules(struct aa_rlimit *rlims) |
43 | { |
44 | /* NOP */ |
45 | } |
46 | |
47 | #endif /* __AA_RESOURCE_H */ |
48 | |