apparmorfs.h (3188B)
/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * AppArmor security module
 *
 * This file contains AppArmor filesystem definitions.
 *
 * Copyright (C) 1998-2008 Novell/SUSE
 * Copyright 2009-2010 Canonical Ltd.
 */

#ifndef __AA_APPARMORFS_H
#define __AA_APPARMORFS_H

/* Only pointers to these types are used below, so they stay opaque here. */
struct aa_profile;
struct aa_ns;
struct aa_loaddata;

/* Declared here, defined elsewhere. */
extern struct path aa_null;

/* File operations shared by the boolean/string/u64 entry macros below. */
extern const struct file_operations aa_sfs_seq_file_ops;

/*
 * Discriminator for struct aa_sfs_entry: says which member of the entry's
 * value union (or, for FOPS, which file_ops pointer) the entry carries.
 * The pairing is fixed by the AA_SFS_* initializer macros further down.
 */
enum aa_sfs_type {
	AA_SFS_TYPE_BOOLEAN,	/* v.boolean */
	AA_SFS_TYPE_STRING,	/* v.string */
	AA_SFS_TYPE_U64,	/* v.u64 */
	AA_SFS_TYPE_FOPS,	/* caller-supplied file_ops, no value */
	AA_SFS_TYPE_DIR,	/* v.files: table of child entries */
};

/*
 * One entry of an apparmorfs table.
 *
 * @name:     entry name
 * @dentry:   dentry pointer; none of the initializer macros in this header
 *            set it, so it starts out NULL in a table built from them
 * @mode:     permission bits for the entry
 * @v_type:   which member of @v is meaningful (see enum aa_sfs_type)
 * @v:        the entry's value, or its child table for a directory
 * @file_ops: file operations attached to the entry
 */
struct aa_sfs_entry {
	const char *name;
	struct dentry *dentry;
	umode_t mode;
	enum aa_sfs_type v_type;
	union {
		bool boolean;
		char *string;
		/*
		 * NOTE(review): the member is called u64 but is declared
		 * unsigned long, so its width follows the platform's long.
		 * Confirm that consumers do not assume 64 bits.
		 */
		unsigned long u64;
		struct aa_sfs_entry *files;
	} v;
	const struct file_operations *file_ops;
};

/*
 * Initializers for struct aa_sfs_entry table rows.
 *
 * The three value macros (BOOLEAN, STRING, U64) hard-code mode 0444, i.e.
 * read permission only for owner, group and other, and always attach
 * aa_sfs_seq_file_ops.
 */
#define AA_SFS_FILE_BOOLEAN(_label, _val)				\
	{								\
		.v_type = AA_SFS_TYPE_BOOLEAN,				\
		.name = (_label),					\
		.mode = 0444,						\
		.file_ops = &aa_sfs_seq_file_ops,			\
		.v.boolean = (_val)					\
	}

#define AA_SFS_FILE_STRING(_label, _val)				\
	{								\
		.v_type = AA_SFS_TYPE_STRING,				\
		.name = (_label),					\
		.mode = 0444,						\
		.file_ops = &aa_sfs_seq_file_ops,			\
		.v.string = (_val)					\
	}

#define AA_SFS_FILE_U64(_label, _val)					\
	{								\
		.v_type = AA_SFS_TYPE_U64,				\
		.name = (_label),					\
		.mode = 0444,						\
		.file_ops = &aa_sfs_seq_file_ops,			\
		.v.u64 = (_val)						\
	}

/*
 * Unlike the value macros, AA_SFS_FILE_FOPS has no default mode: both the
 * permission bits and the file operations come from the use site, so that
 * is where access to the resulting file is decided.
 * NOTE(review): when auditing a table, check each FOPS row's mode against
 * what its handlers allow (e.g. a write handler behind a wide mode).
 */
#define AA_SFS_FILE_FOPS(_label, _perm, _ops)				\
	{								\
		.v_type = AA_SFS_TYPE_FOPS,				\
		.name = (_label),					\
		.mode = (_perm),					\
		.file_ops = (_ops)					\
	}

/* Directory row: carries only a name and a child table; mode is not set. */
#define AA_SFS_DIR(_label, _val)					\
	{								\
		.v_type = AA_SFS_TYPE_DIR,				\
		.name = (_label),					\
		.v.files = (_val)					\
	}

/*
 * Slot indices into a namespace's dents[] array (see the ns_*() accessors
 * below). AAFS_NS_SIZEOF is the last enumerator, so its value equals the
 * number of slots listed before it; presumably it sizes dents[] - confirm
 * against the struct aa_ns definition.
 */
enum aafs_ns_type {
	AAFS_NS_DIR,
	AAFS_NS_PROFS,
	AAFS_NS_NS,
	AAFS_NS_RAW_DATA,
	AAFS_NS_LOAD,
	AAFS_NS_REPLACE,
	AAFS_NS_REMOVE,
	AAFS_NS_REVISION,
	AAFS_NS_COUNT,
	AAFS_NS_MAX_COUNT,
	AAFS_NS_SIZE,
	AAFS_NS_MAX_SIZE,
	AAFS_NS_OWNER,
	AAFS_NS_SIZEOF,
};

/*
 * Slot indices into a profile's dents[] array (see prof_dir() and
 * prof_child_dir() below). AAFS_PROF_SIZEOF is the last enumerator and so
 * equals the number of slots listed before it.
 */
enum aafs_prof_type {
	AAFS_PROF_DIR,
	AAFS_PROF_PROFS,
	AAFS_PROF_NAME,
	AAFS_PROF_MODE,
	AAFS_PROF_ATTACH,
	AAFS_PROF_HASH,
	AAFS_PROF_RAW_DATA,
	AAFS_PROF_RAW_HASH,
	AAFS_PROF_RAW_ABI,
	AAFS_PROF_SIZEOF,
};

/*
 * Accessors for individual dents[] slots. Each expands to the array element
 * itself, so it can be read or assigned. The argument is dereferenced
 * without any NULL check. Only the slots below have accessors in this
 * header; the remaining enum aafs_ns_type / aafs_prof_type slots do not.
 */
#define ns_dir(_ns)		((_ns)->dents[AAFS_NS_DIR])
#define ns_subns_dir(_ns)	((_ns)->dents[AAFS_NS_NS])
#define ns_subprofs_dir(_ns)	((_ns)->dents[AAFS_NS_PROFS])
#define ns_subdata_dir(_ns)	((_ns)->dents[AAFS_NS_RAW_DATA])
#define ns_subload(_ns)		((_ns)->dents[AAFS_NS_LOAD])
#define ns_subreplace(_ns)	((_ns)->dents[AAFS_NS_REPLACE])
#define ns_subremove(_ns)	((_ns)->dents[AAFS_NS_REMOVE])
#define ns_subrevision(_ns)	((_ns)->dents[AAFS_NS_REVISION])

#define prof_dir(_prof)		((_prof)->dents[AAFS_PROF_DIR])
#define prof_child_dir(_prof)	((_prof)->dents[AAFS_PROF_PROFS])

/* Declared with __init; takes no arguments and returns nothing. */
void __init aa_destroy_aafs(void);

/*
 * NOTE(review): every function below carries a leading double underscore,
 * the usual kernel hint that the caller is responsible for locking. This
 * header does not say which lock - confirm in the implementation before
 * adding a call site.
 *
 * The int-returning functions (the mkdir pair and
 * __aa_fs_create_rawdata) report a status that callers should check;
 * presumably 0 on success and a negative errno otherwise - confirm.
 */
void __aa_bump_ns_revision(struct aa_ns *ns);

void __aafs_profile_rmdir(struct aa_profile *profile);
void __aafs_profile_migrate_dents(struct aa_profile *old,
				  struct aa_profile *new);
int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent);

void __aafs_ns_rmdir(struct aa_ns *ns);
int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent,
		    const char *name, struct dentry *dent);

void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata);
int __aa_fs_create_rawdata(struct aa_ns *ns, struct aa_loaddata *rawdata);

#endif /* __AA_APPARMORFS_H */