* Copyright (C) 2002-2005 Novell/SUSE
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 2 of the
* http://forge.novell.com/modules/xfmod/project/?apparmor
* AppArmor aamatch submodule (w/ pattern expansion).
* This module makes use of a slightly modified version of the PCRE
* library developed by Philip Hazel <ph10@cam.ac.uk>. See the files
* pcre_* in this directory.
#include <linux/module.h>
#include "pcre_exec.h"
#include "pcre_tables.h"
static const char *features="literal tailglob pattern=pcre";
/*
 * aamatch_alloc - allocate per-entry match data for the pcre submodule.
 * @entry_type: kind of profile entry the data is for.
 *
 * From the lines shown: an aa_entry_pattern entry gets a struct
 * aamatch_entry from kmalloc(GFP_KERNEL) that is then zeroed, and a type
 * that is none of pattern, literal or tailglob yields ERR_PTR(-EINVAL).
 * NOTE(review): this listing omits parts of the body (the line between the
 * kmalloc() and the memset() among them); confirm the allocation result is
 * checked before it is zeroed. Because an ERR_PTR value can come back,
 * callers presumably need IS_ERR() rather than a NULL test - verify
 * against the callers.
 */
void* aamatch_alloc(enum entry_match_type entry_type)
if (entry_type == aa_entry_pattern) {
ptr = kmalloc(sizeof(struct aamatch_entry), GFP_KERNEL);
memset(ptr, 0, sizeof(struct aamatch_entry));
} else if (entry_type != aa_entry_literal &&
entry_type != aa_entry_tailglob) {
ptr = ERR_PTR(-EINVAL);
/*
 * aamatch_free - release the match data of an entry.
 * @ptr: handled as a struct aamatch_entry *.
 *
 * The visible lines cast ptr and free ed->compiled.
 * NOTE(review): the rest of the body is not part of this listing; confirm
 * that ptr is checked before it is dereferenced (aamatch_alloc() can hand
 * back an ERR_PTR value) and that ed->pattern is released here too.
 */
void aamatch_free(void *ptr)
struct aamatch_entry *ed = (struct aamatch_entry *) ptr;
kfree(ed->compiled); /* buffer kmalloc()ed in aamatch_serialize() and filled via AA_READ_X */
const char *aamatch_features(void)
/*
 * aamatch_serialize - rebuild an entry's compiled pcre from serialized data.
 * @entry_extradata: handled as the struct aamatch_entry to fill in.
 * @e: stream state handed through to @cb.
 * @cb: reader callback; AA_READ_X treats a zero return as failure.
 *
 * Visible steps: read the pattern string, then a "pcre" struct made of
 * size, magic, options, top_bracket, top_backref, first_char, req_char,
 * the first code byte and a blob written from code[1] onward, and finally
 * point ->tables at pcre_default_tables.
 * NOTE(review): every one of these fields comes from the stream. This
 * listing shows magic being stored, but no validation of size or of the
 * pcre bytecode before aamatch_match() runs it; confirm what the omitted
 * lines and the code that loads the entry check.
 */
int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
aamatch_serializecb cb)
/*
 * AA_READ_X - read one element through cb. A zero return from cb enters the
 * failure branch; the branch body is not part of this listing, so where it
 * transfers control is not visible here.
 */
#define AA_READ_X(E, C, D, N) \
if (!cb((E), (C), (D), (N))) { \
u32 size, magic, opts;
struct aamatch_entry *ed = (struct aamatch_entry *) entry_extradata;
AA_READ_X(e, AA_DYN_STRING, &ed->pattern, NULL);
/* size determines the real size of the pcre struct,
it is size_t - sizeof(pcre) on user side.
uschar must be the same in user and kernel space */
/* check that we are processing the correct structure */
AA_READ_X(e, AA_STRUCT, NULL, "pcre");
AA_READ_X(e, AA_U32, &size, NULL);
AA_READ_X(e, AA_U32, &magic, NULL);
/* the allocation of pcre is delayed because it depends on the size
/*
 * size was read from the stream above as an AA_U32, so it is supplied by
 * whoever produced the serialized entry rather than computed here.
 * NOTE(review): no upper bound on size is visible in this listing, and
 * size + sizeof(pcre) can wrap where size_t is 32 bits wide, which would
 * make the buffer smaller than the header and blob writes that follow
 * assume. Lines 96-100 of the original file are omitted here; confirm they
 * reject oversized values and check the kmalloc() result before the
 * memset().
 */
ed->compiled = (pcre *) kmalloc(size + sizeof(pcre), GFP_KERNEL);
memset(ed->compiled, 0, size + sizeof(pcre));
ed->compiled->magic_number = magic;
ed->compiled->size = size + sizeof(pcre);
AA_READ_X(e, AA_U32, &opts, NULL);
ed->compiled->options = opts;
AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, NULL);
AA_READ_X(e, AA_U16, &ed->compiled->top_backref, NULL);
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->first_char = t_char;
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->req_char = t_char;
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->code[0] = t_char;
/*
 * NOTE(review): the blob lands after code[0] in the buffer that was sized
 * from `size`, and this call passes no capacity to cb. Confirm that the
 * AA_STATIC_BLOB reader limits the copy to the space actually allocated.
 */
AA_READ_X(e, AA_STATIC_BLOB, &ed->compiled->code[1], NULL);
AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
/* stitch in pcre patterns, it was NULLed out by parser
* pcre_default_tables defined in pcre_tables.h */
ed->compiled->tables = pcre_default_tables;
/*
 * Failure cleanup. NOTE(review): the lines after the kfree() below are
 * omitted from this listing; confirm ed->compiled is released as well and
 * that both pointers are reset to NULL, so that a later aamatch_free() on
 * the same entry cannot free them a second time.
 */
if (error != 0 && ed) {
kfree(ed->pattern); /* allocated by AA_READ_X */
/*
 * aamatch_match - test a pathname against one profile entry.
 *
 * For aa_entry_pattern the pcre held in entry_extradata is run over
 * pathname with pcre_exec() and any non-negative result counts as a match;
 * the other path shown hands off to aamatch_match_common().
 */
unsigned int aamatch_match(const char *pathname, const char *entry_name,
enum entry_match_type entry_type, void *entry_extradata)
if (entry_type == aa_entry_pattern) {
struct aamatch_entry *ed =
(struct aamatch_entry *) entry_extradata;
/*
 * NOTE(review): ed->compiled is the bytecode loaded by aamatch_serialize(),
 * which its comments describe as built on the user side, so the matcher
 * interprets data that was produced outside the kernel. Negative
 * pcre_exec() results, errors included, are folded into "no match" by the
 * assignment to ret that follows; confirm that is the intended outcome for
 * a malformed pattern.
 */
pcreret = pcre_exec(ed->compiled, NULL,
pathname, strlen(pathname),
ret = (pcreret >= 0);
// XXX - this needs access to subdomain_debug, hmmm
//AA_DEBUG("%s(%d): %s %s %d\n", __FUNCTION__,
// ret, pathname, ed->pattern, pcreret);
ret = aamatch_match_common(pathname, entry_name, entry_type);
EXPORT_SYMBOL_GPL(aamatch_alloc);
EXPORT_SYMBOL_GPL(aamatch_free);
EXPORT_SYMBOL_GPL(aamatch_features);
EXPORT_SYMBOL_GPL(aamatch_serialize);
EXPORT_SYMBOL_GPL(aamatch_match);
MODULE_DESCRIPTION("AppArmor aa_match module [pcre]");
MODULE_AUTHOR("Tony Jones <tonyj@suse.de>");
MODULE_LICENSE("GPL");