| blob | 36cc0cc39e78e135630384e6500f4a789fe7aa2a |
1 /*
2 * AppArmor security module
3 *
4 * This file contains AppArmor function for pathnames
5 *
6 * Copyright (C) 1998-2008 Novell/SUSE
7 * Copyright 2009-2010 Canonical Ltd.
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License as
11 * published by the Free Software Foundation, version 2 of the
12 * License.
13 */
15 #include <linux/magic.h>
16 #include <linux/mnt_namespace.h>
17 #include <linux/mount.h>
18 #include <linux/namei.h>
19 #include <linux/nsproxy.h>
20 #include <linux/path.h>
21 #include <linux/sched.h>
22 #include <linux/slab.h>
23 #include <linux/fs_struct.h>
30 /* modified from dcache.c */
32 {
39 }
41 #define CHROOT_NSCONNECT (PATH_CHROOT_REL | PATH_CHROOT_NSCONNECT)
43 /**
44 * d_namespace_path - lookup a name associated with a given path
45 * @path: path to lookup (NOT NULL)
46 * @buf: buffer to store path to (NOT NULL)
47 * @buflen: length of @buf
48 * @name: Returns - pointer for start of path name with in @buf (NOT NULL)
49 * @flags: flags controlling path lookup
50 *
51 * Handle path name lookup.
52 *
53 * Returns: %0 else error code if path lookup fails
54 * When no error the path name is returned in @name which points to
55 * to a position in @buf
56 */
59 {
64 /* Get the root we want to resolve too, released below */
66 /* resolve paths relative to chroot */
69 /* resolve paths relative to namespace */
73 }
79 /* handle error conditions - and still allow a partial path to
80 * be returned.
81 */
86 }
88 /* Handle two cases:
89 * 1. A deleted dentry && profile is not allowing mediation of deleted
90 * 2. On some filesystems, newly allocated dentries appear to the
91 * security_path hooks as a deleted dentry except without an inode
92 * allocated.
93 */
98 }
100 /* Determine if the path is connected to the expected root */
103 /* If the path is not connected,
104 * check if it is a sysctl and handle specially else remove any
105 * leading / that __d_path may have returned.
106 * Unless
107 * specifically directed to connect the path,
108 * OR
109 * if in a chroot and doing chroot relative paths and the path
110 * resolves to the namespace root (would be connected outside
111 * of chroot) and specifically directed to connect paths to
112 * namespace root.
113 */
115 /* is the disconnect path a sysctl? */
118 /* TODO: convert over to using a per namespace
119 * control instead of hard coded /proc
120 */
126 /* disconnected path, don't return pathname starting
127 * with '/'
128 */
132 }
133 }
135 out:
139 }
141 /**
142 * get_name_to_buffer - get the pathname to a buffer ensure dir / is appended
143 * @path: path to get name for (NOT NULL)
144 * @flags: flags controlling path lookup
145 * @buffer: buffer to put name in (NOT NULL)
146 * @size: size of buffer
147 * @name: Returns - contains position of path name in @buffer (NOT NULL)
148 *
149 * Returns: %0 else error on failure
150 */
153 {
158 /*
159 * Append "/" to the pathname. The root directory is a special
160 * case; it already ends in slash.
161 */
165 }
167 /**
168 * aa_get_name - compute the pathname of a file
169 * @path: path the file (NOT NULL)
170 * @flags: flags controlling path name generation
171 * @buffer: buffer that aa_get_name() allocated (NOT NULL)
172 * @name: Returns - the generated path name if !error (NOT NULL)
173 *
174 * @name is a pointer to the beginning of the pathname (which usually differs
175 * from the beginning of the buffer), or NULL. If there is an error @name
176 * may contain a partial or invalid name that can be used for audit purposes,
177 * but it can not be used for mediation.
178 *
179 * We need PATH_IS_DIR to indicate whether the file is a directory or not
180 * because the file may not yet exist, and so we cannot check the inode's
181 * file type.
182 *
183 * Returns: %0 else error code if could retrieve name
184 */
186 {
194 /* freed by caller */
207 }
212 }