apparmor/include/resource.h

0001 /* SPDX-License-Identifier: GPL-2.0-only */
0002 /*
0003  * AppArmor security module
0004  *
0005  * This file contains AppArmor resource limits function definitions.
0006  *
0007  * Copyright (C) 1998-2008 Novell/SUSE
0008  * Copyright 2009-2010 Canonical Ltd.
0009  */
0010
0011 #ifndef __AA_RESOURCE_H
0012 #define __AA_RESOURCE_H
0013
0014 #include <linux/resource.h>
0015 #include <linux/sched.h>
0016
0017 #include "apparmorfs.h"
0018
0019 struct aa_profile;
0020
0021 /* struct aa_rlimit - rlimit settings for the profile
0022  * @mask: which hard limits to set
0023  * @limits: rlimit values that override task limits
0024  *
0025  * AppArmor rlimits are used to set confined task rlimits.  Only the
0026  * limits specified in @mask will be controlled by apparmor.
0027  */
0028 struct aa_rlimit {
0029     unsigned int mask;
0030     struct rlimit limits[RLIM_NLIMITS];
0031 };
0032
0033 extern struct aa_sfs_entry aa_sfs_entry_rlimit[];
0034
0035 int aa_map_resource(int resource);
0036 int aa_task_setrlimit(struct aa_label *label, struct task_struct *task,
0037               unsigned int resource, struct rlimit *new_rlim);
0038
0039 void __aa_transition_rlimits(struct aa_label *old, struct aa_label *new);
0040
0041 static inline void aa_free_rlimit_rules(struct aa_rlimit *rlims)
0042 {
0043     /* NOP */
0044 }
0045
0046 #endif /* __AA_RESOURCE_H */