2 * AppArmor security module
4 * This file contains AppArmor task related definitions and mediation
6 * Copyright 2017 Canonical Ltd.
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation, version 2 of the
17 static inline struct aa_task_ctx *task_ctx(struct task_struct *task)
19 return task->security + apparmor_blob_sizes.lbs_task;
23 * struct aa_task_ctx - information for current task label change
24 * @nnp: snapshot of label at time of no_new_privs
25 * @onexec: profile to transition to on next exec (MAY BE NULL)
26 * @previous: profile the task may return to (MAY BE NULL)
27 * @token: magic value the task must know for returning to @previous_profile
31 struct aa_label *onexec;
32 struct aa_label *previous;
36 int aa_replace_current_label(struct aa_label *label);
37 int aa_set_current_onexec(struct aa_label *label, bool stack);
38 int aa_set_current_hat(struct aa_label *label, u64 token);
39 int aa_restore_previous_label(u64 cookie);
40 struct aa_label *aa_get_task_label(struct task_struct *task);
43 * aa_free_task_ctx - free a task_ctx
44 * @ctx: task_ctx to free (MAYBE NULL)
46 static inline void aa_free_task_ctx(struct aa_task_ctx *ctx)
49 aa_put_label(ctx->nnp);
50 aa_put_label(ctx->previous);
51 aa_put_label(ctx->onexec);
56 * aa_dup_task_ctx - duplicate a task context, incrementing reference counts
57 * @new: a blank task context (NOT NULL)
58 * @old: the task context to copy (NOT NULL)
60 static inline void aa_dup_task_ctx(struct aa_task_ctx *new,
61 const struct aa_task_ctx *old)
64 aa_get_label(new->nnp);
65 aa_get_label(new->previous);
66 aa_get_label(new->onexec);
70 * aa_clear_task_ctx_trans - clear transition tracking info from the ctx
71 * @ctx: task context to clear (NOT NULL)
73 static inline void aa_clear_task_ctx_trans(struct aa_task_ctx *ctx)
77 aa_put_label(ctx->previous);
78 aa_put_label(ctx->onexec);
84 #endif /* __AA_TASK_H */