lib.c 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
  1. /*
  2. * AppArmor security module
  3. *
  4. * This file contains basic common functions used in AppArmor
  5. *
  6. * Copyright (C) 1998-2008 Novell/SUSE
  7. * Copyright 2009-2010 Canonical Ltd.
  8. *
  9. * This program is free software; you can redistribute it and/or
  10. * modify it under the terms of the GNU General Public License as
  11. * published by the Free Software Foundation, version 2 of the
  12. * License.
  13. */
  14. #include <linux/mm.h>
  15. #include <linux/slab.h>
  16. #include <linux/string.h>
  17. #include <linux/vmalloc.h>
  18. #include "include/audit.h"
  19. #include "include/apparmor.h"
  20. /**
  21. * aa_split_fqname - split a fqname into a profile and namespace name
  22. * @fqname: a full qualified name in namespace profile format (NOT NULL)
  23. * @ns_name: pointer to portion of the string containing the ns name (NOT NULL)
  24. *
  25. * Returns: profile name or NULL if one is not specified
  26. *
  27. * Split a namespace name from a profile name (see policy.c for naming
  28. * description). If a portion of the name is missing it returns NULL for
  29. * that portion.
  30. *
  31. * NOTE: may modify the @fqname string. The pointers returned point
  32. * into the @fqname string.
  33. */
  34. char *aa_split_fqname(char *fqname, char **ns_name)
  35. {
  36. char *name = strim(fqname);
  37. *ns_name = NULL;
  38. if (name[0] == ':') {
  39. char *split = strchr(&name[1], ':');
  40. *ns_name = skip_spaces(&name[1]);
  41. if (split) {
  42. /* overwrite ':' with \0 */
  43. *split++ = 0;
  44. if (strncmp(split, "//", 2) == 0)
  45. split += 2;
  46. name = skip_spaces(split);
  47. } else
  48. /* a ns name without a following profile is allowed */
  49. name = NULL;
  50. }
  51. if (name && *name == 0)
  52. name = NULL;
  53. return name;
  54. }
  55. /**
  56. * aa_info_message - log a none profile related status message
  57. * @str: message to log
  58. */
  59. void aa_info_message(const char *str)
  60. {
  61. if (audit_enabled) {
  62. struct common_audit_data sa;
  63. struct apparmor_audit_data aad = {0,};
  64. sa.type = LSM_AUDIT_DATA_NONE;
  65. sa.aad = &aad;
  66. aad.info = str;
  67. aa_audit_msg(AUDIT_APPARMOR_STATUS, &sa, NULL);
  68. }
  69. printk(KERN_INFO "AppArmor: %s\n", str);
  70. }
  71. /**
  72. * __aa_kvmalloc - do allocation preferring kmalloc but falling back to vmalloc
  73. * @size: how many bytes of memory are required
  74. * @flags: the type of memory to allocate (see kmalloc).
  75. *
  76. * Return: allocated buffer or NULL if failed
  77. *
  78. * It is possible that policy being loaded from the user is larger than
  79. * what can be allocated by kmalloc, in those cases fall back to vmalloc.
  80. */
  81. void *__aa_kvmalloc(size_t size, gfp_t flags)
  82. {
  83. void *buffer = NULL;
  84. if (size == 0)
  85. return NULL;
  86. /* do not attempt kmalloc if we need more than 16 pages at once */
  87. if (size <= (16*PAGE_SIZE))
  88. buffer = kmalloc(size, flags | GFP_NOIO | __GFP_NOWARN);
  89. if (!buffer) {
  90. if (flags & __GFP_ZERO)
  91. buffer = vzalloc(size);
  92. else
  93. buffer = vmalloc(size);
  94. }
  95. return buffer;
  96. }