Add basic mount mediation. This allows controlling mounts based on basic
mount parameters. It does not include special mount parameters for
apparmor, super block labeling, or any triggers for apparmor namespace
parameter modifications on pivot root.
default userspace policy rules have the form of
  MOUNT RULE = ( MOUNT | REMOUNT | UMOUNT )
  MOUNT = [ QUALIFIERS ] 'mount' [ MOUNT CONDITIONS ] [ SOURCE FILEGLOB ]
          [ '->' MOUNTPOINT FILEGLOB ]
  REMOUNT = [ QUALIFIERS ] 'remount' [ MOUNT CONDITIONS ]
            MOUNTPOINT FILEGLOB
  UMOUNT = [ QUALIFIERS ] 'umount' [ MOUNT CONDITIONS ] MOUNTPOINT FILEGLOB
  MOUNT CONDITIONS = [ ( 'fstype' | 'vfstype' ) ( '=' | 'in' )
                       MOUNT FSTYPE EXPRESSION ]
		       [ 'options' ( '=' | 'in' ) MOUNT FLAGS EXPRESSION ]
  MOUNT FSTYPE EXPRESSION = ( MOUNT FSTYPE LIST | MOUNT EXPRESSION )
  MOUNT FSTYPE LIST = Comma separated list of valid filesystem and
                      virtual filesystem types (eg ext4, debugfs, etc)
  MOUNT FLAGS EXPRESSION = ( MOUNT FLAGS LIST | MOUNT EXPRESSION )
  MOUNT FLAGS LIST = Comma separated list of MOUNT FLAGS.
  MOUNT FLAGS = ( 'ro' | 'rw' | 'nosuid' | 'suid' | 'nodev' | 'dev' |
                  'noexec' | 'exec' | 'sync' | 'async' | 'remount' |
		  'mand' | 'nomand' | 'dirsync' | 'noatime' | 'atime' |
		  'nodiratime' | 'diratime' | 'bind' | 'rbind' | 'move' |
		  'verbose' | 'silent' | 'loud' | 'acl' | 'noacl' |
		  'unbindable' | 'runbindable' | 'private' | 'rprivate' |
		  'slave' | 'rslave' | 'shared' | 'rshared' |
		  'relatime' | 'norelatime' | 'iversion' | 'noiversion' |
		  'strictatime' | 'nouser' | 'user' )
  MOUNT EXPRESSION = ( ALPHANUMERIC | AARE ) ...
  PIVOT ROOT RULE = [ QUALIFIERS ] pivot_root [ oldroot=OLD PUT FILEGLOB ]
                    [ NEW ROOT FILEGLOB ]
  SOURCE FILEGLOB = FILEGLOB
  MOUNTPOINT FILEGLOB = FILEGLOB
eg.
  mount,
  mount /dev/foo,
  mount options=ro /dev/foo -> /mnt/,
  mount options in (ro,atime) /dev/foo -> /mnt/,
  mount options=ro options=atime,
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
		
	
			
		
			
				
	
	
		
/*
 * AppArmor security module
 *
 * This file contains AppArmor mount mediation function declarations.
 *
 * Copyright 2017 Canonical Ltd.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 */

#ifndef __AA_MOUNT_H
#define __AA_MOUNT_H
#include <linux/fs.h>
#include <linux/path.h>
#include "domain.h"
#include "policy.h"
/* mount perms */
/*
 * Permission bits carried in the perms word of a compiled mount rule.
 * The names below are the only thing this header establishes about their
 * meaning; the matching logic itself lives in mount.c.
 *
 * NOTE(review): AA_AUDIT_DATA and AA_MNT_CONT_MATCH both expand to 0x40,
 * so any perms word with one of them set also tests positive for the
 * other.  Confirm in mount.c that the two are never tested against the
 * same mask (or that the aliasing is intentional); changing either value
 * would alter the compiled-policy encoding, so this is documentation
 * only.
 */
#define AA_MAY_PIVOTROOT	0x01	/* pivot_root permitted */
#define AA_MAY_MOUNT		0x02	/* mount permitted (presumably covers remount/bind/move too - see mount.c) */
#define AA_MAY_UMOUNT		0x04	/* umount permitted */
#define AA_AUDIT_DATA		0x40	/* presumably: include mount data in audit - confirm in mount.c */
#define AA_MNT_CONT_MATCH	0x40	/* presumably: continue matching into mount data - confirm in mount.c */

/*
 * MS_* flags that are kernel-internal and have no policy syntax (compare
 * the MOUNT FLAGS list in the commit message).  Presumably masked off the
 * caller-supplied flags before matching -- confirm in mount.c.
 */
#define AA_MS_IGNORE_MASK (MS_KERNMOUNT | MS_NOSEC | MS_ACTIVE | MS_BORN)

/**
 * aa_remount - mediate a remount of the mount at @path
 * @label: label of the task requesting the remount
 * @path: path of the mount being remounted
 * @flags: mount flags supplied with the remount (presumably MS_* values)
 * @data: filesystem-specific mount data string passed by the caller
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_remount(struct aa_label *label, const struct path *path,
	       unsigned long flags, void *data);

/**
 * aa_bind_mount - mediate a bind mount onto @path
 * @label: label of the task requesting the bind mount
 * @path: path of the new mount point
 * @old_name: pathname of the source tree being bound (as given by the caller)
 * @flags: mount flags supplied by the caller (presumably MS_* values)
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_bind_mount(struct aa_label *label, const struct path *path,
		  const char *old_name, unsigned long flags);

/**
 * aa_mount_change_type - mediate a change of mount propagation type on @path
 * @label: label of the task requesting the change
 * @path: path of the mount whose propagation type is being changed
 * @flags: mount flags selecting the new type (presumably the
 *         shared/private/slave/unbindable MS_* flags; verify in mount.c)
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_mount_change_type(struct aa_label *label, const struct path *path,
			 unsigned long flags);

/**
 * aa_move_mount - mediate moving a mount to @path
 * @label: label of the task requesting the move
 * @path: path of the destination mount point
 * @old_name: pathname of the mount being moved (as given by the caller)
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_move_mount(struct aa_label *label, const struct path *path,
		  const char *old_name);

/**
 * aa_new_mount - mediate a new mount of @dev_name at @path
 * @label: label of the task requesting the mount
 * @dev_name: source device / pathname string given by the caller
 * @path: path of the mount point
 * @type: filesystem type string given by the caller
 * @flags: mount flags supplied by the caller (presumably MS_* values)
 * @data: filesystem-specific mount data string passed by the caller
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_new_mount(struct aa_label *label, const char *dev_name,
		 const struct path *path, const char *type, unsigned long flags,
		 void *data);

/**
 * aa_umount - mediate an unmount of @mnt
 * @label: label of the task requesting the unmount
 * @mnt: the vfsmount being unmounted (note: a vfsmount, not a path, unlike
 *       the other entry points in this header)
 * @flags: umount flags supplied by the caller (an int, not the unsigned
 *         long MS_* mask used elsewhere here)
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_umount(struct aa_label *label, struct vfsmount *mnt, int flags);

/**
 * aa_pivotroot - mediate a pivot_root to @new_path
 * @label: label of the task requesting the pivot
 * @old_path: path where the old root is to be put
 * @new_path: path of the new root
 *
 * Per the commit message, this covers the basic pivot_root rule only; it
 * does not trigger apparmor namespace parameter changes on pivot.
 *
 * Returns: presumably 0 when policy permits the operation and a negative
 * errno otherwise (kernel convention) -- confirm against mount.c.
 */
int aa_pivotroot(struct aa_label *label, const struct path *old_path,
		 const struct path *new_path);

#endif /* __AA_MOUNT_H */