25
25
#include "include/context.h"
26
26
#include "include/policy.h"
29
* kvmalloc - do allocation prefering kmalloc but falling back to vmalloc
30
* @size: size of allocation
32
* Return: allocated buffer or NULL if failed
34
* It is possible that policy being loaded from the user is larger than
35
* what can be allocated by kmalloc, in those cases fall back to vmalloc.
28
37
static void *kvmalloc(size_t size)
30
void *buffer = kmalloc(size, GFP_KERNEL);
44
buffer = kmalloc(size, GFP_KERNEL);
32
46
buffer = vmalloc(size);
51
* kvfree - free an allocation do by kvmalloc
52
* @buffer: buffer to free
54
* Free a buffer allocated by kvmalloc
36
56
static void kvfree(void *buffer)
38
61
if (is_vmalloc_addr(buffer))
68
* aa_simple_write_to_buffer - common routine for getting policy from user
69
* @userbuf: user buffer to copy data from (NOT NULL)
70
* @alloc_size: size of user buffer
71
* @copy_size: size of data to copy from user buffer
72
* @pos: position write is at in the file
73
* @operation: name of operation doing the user buffer copy (NOT NULL)
75
* Returns: kernel buffer containing copy of user buffer data or an
44
78
static char *aa_simple_write_to_buffer(const char __user *userbuf,
45
79
size_t alloc_size, size_t copy_size,
46
80
loff_t *pos, const char *operation)
124
/* .load file hook fn to load policy */
90
125
static ssize_t aa_profile_load(struct file *f, const char __user *buf,
91
126
size_t size, loff_t *pos)
108
143
.write = aa_profile_load
111
/* apparmor/.replace */
146
/* .replace file hook fn to load and/or replace policy */
112
147
static ssize_t aa_profile_replace(struct file *f, const char __user *buf,
113
148
size_t size, loff_t *pos)
130
165
.write = aa_profile_replace
133
/* apparmor/.remove */
168
/* .remove file hook fn to remove loaded policy */
134
169
static ssize_t aa_profile_remove(struct file *f, const char __user *buf,
135
170
size_t size, loff_t *pos)
163
198
* __next_namespace - find the next namespace to list
164
* @root: root namespace to stop search at
165
* @ns: current ns position
199
* @root: root namespace to stop search at (NOT NULL)
200
* @ns: current ns position (NOT NULL)
167
* Find the next namespace and to list and handle all locking needed
202
* Find the next namespace from @ns under @root and handle all locking needed
168
203
* while switching current namespace.
205
* Returns: next namespace or NULL if at last namespace under @root
170
206
* NOTE: will not unlock root->lock
172
208
static struct aa_namespace *__next_namespace(struct aa_namespace *root,
202
239
* __first_profile - find the first profile in a namespace
203
* @root: namespace that is root of profiles being displayed
204
* @ns: namespace to start in
240
* @root: namespace that is root of profiles being displayed (NOT NULL)
241
* @ns: namespace to start in (NOT NULL)
243
* Returns: unrefcounted profile or NULL if no profile
206
245
static struct aa_profile *__first_profile(struct aa_namespace *root,
207
246
struct aa_namespace *ns)
218
257
* __next_profile - step to the next profile in a profile tree
219
* @profile: current profile in tree
258
* @profile: current profile in tree (NOT NULL)
221
260
* Perform a depth first taversal on the profile tree in a namespace
254
293
* next_profile - step to the next profile in where ever it may be
255
* @root: root namespace
256
* @profile: current profile
294
* @root: root namespace (NOT NULL)
295
* @profile: current profile (NOT NULL)
258
297
* Returns: next profile or NULL if there isn't one
340
* p_next - read the next profile entry
341
* @f: seq_file to fill
342
* @p: profile previously returned
343
* @pos: current position
345
* Returns: next profile after @p or NULL if none
347
* may acquire/release locks in namespace tree as necessary
298
349
static void *p_next(struct seq_file *f, void *p, loff_t *pos)
300
351
struct aa_profile *profile = p;
309
360
* @f: seq_file we are filling
310
361
* @p: the last profile writen
312
* if we haven't completely traversed the profile tree will release the
363
* Release all locking done by p_start/p_next on namespace tree
315
365
static void p_stop(struct seq_file *f, void *p)
316
366
__releases(root->lock)
349
/* Returns: error on failure */
401
* @f: seq_file to file
402
* @p: current position (profile) (NOT NULL)
404
* Returns: error on failure
350
406
static int seq_show_profile(struct seq_file *f, void *p)
352
408
struct aa_profile *profile = (struct aa_profile *)p;
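Review bot: In kvmalloc the new `buffer = kmalloc(size, GFP_KERNEL);` is attempted for any non-rejected size before the `vmalloc(size)` fallback, and the function's own comment says the size comes from policy loaded by the user. A large request therefore makes the page allocator attempt a high-order allocation, and probably log an allocation-failure warning, before the fallback is reached, so whoever can write to the policy files can trigger that repeatedly. I would use `buffer = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);` and go straight to vmalloc above a small multiple of PAGE_SIZE. Only part of kvmalloc's body is visible in this section and aa_simple_write_to_buffer's body is not shown, so whether `alloc_size` is capped anywhere cannot be confirmed from here; if it is not, an upper bound on policy size belongs in that function, and its comment should state that `copy_size` must not exceed `alloc_size`.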