CasperSecurity

Current Path : /snap/core24/1349/etc/apparmor.d/abstractions/
Upload File :
Current File : //snap/core24/1349/etc/apparmor.d/abstractions/opencl-pocl

# vim:syntax=apparmor
# OpenCL access requirements for POCL implementation

  abi <abi/4.0>,

  include <abstractions/opencl-common>

  # Executables

  /usr/bin/{,@{multiarch}-}ld.bfd Cx -> opencl_pocl_ld,
  /usr/lib/llvm-[0-9]*.[0-9]*/bin/clang Cx -> opencl_pocl_clang,

  # System files

  / r, # libpocl.so -> libhwloc.so
  @{sys}/bus/pci/slots/ r, # libpocl.so -> hwloc_topology_load() from libhwloc.so
  @{sys}/bus/{cpu,node}/devices/ r, # libpocl.so -> libhwlock.so
  @{sys}/class/net/ r, # libpocl.so -> hwloc_pci_traverse_lookuposdevices_cb() from libhwloc.so
  @{sys}/devices/@{pci_bus}/**/ r, # for libpocl ->  hwloc_linux_lookup_block_class() from libhwloc.so
  @{sys}/devices/@{pci_bus}/**/block/*/dev r, # libpocl.so -> hwloc_linux_lookup_host_block_class() from libhwloc.so
  @{sys}/devices/@{pci_bus}/**/{class,local_cpus} r, # libpocl.so -> libhwlock.so
  @{sys}/devices/@{pci_bus}/*/net/*/address r, # libpocl.so ->  hwloc_pci_traverse_lookuposdevices_cb() from libhwloc.so
  @{sys}/devices/system/cpu/ r, # libpocl.so -> libnuma.so
  @{sys}/devices/system/cpu/cpu[0-9]*/cache/index[0-9]*/* r, # libpocl.so -> libhwloc.so
  @{sys}/devices/system/cpu/cpu[0-9]*/online r, # libpocl.so -> libhwlock.so
  @{sys}/devices/system/cpu/cpu[0-9]*/topology/* r, # *_siblings, physical_package_id and lot's of others, for libpocl.so -> libhwloc.so
  @{sys}/devices/system/cpu/cpufreq/policy[0-9]*/* r, # for clGetPlatformIDs() from libpocl.so
  @{sys}/devices/system/cpu/possible r, # libpocl.so -> libhwloc.so
  @{sys}/devices/virtual/dmi/id/{,*} r, # libpocl.so -> libhwloc.so
  @{sys}/fs/cgroup/cpuset/cpuset.{cpus,mems} r, # libpocl.so -> libhwloc.so
  @{sys}/kernel/mm/hugepages{/,/**} r, # libpocl.so -> libhwloc.so
  /usr/share/pocl/** r,
  @{run}/udev/data/*:* r, # libpocl.so -> hwloc_linux_block_class_fillinfos() from libhwloc.so

  # User files

  owner @{HOME}/.cache/pocl/ w,
  owner @{HOME}/.cache/pocl/kcache/ w,
  owner @{HOME}/.cache/pocl/kcache/** rw,
  owner @{HOME}/.cache/pocl/kcache/**.so mrw, # dangerous!
  owner @{PROC}/@{pid}/{cgroup,cpuset,status} r, # libpocl.so -> libhwloc.so, status for libpocl.so -> libnuma.so

  # Child profiles

  profile opencl_pocl_ld {
    include <abstractions/base>

    # Main executables

    /usr/bin/{,@{multiarch}-}ld.bfd mr,

    # User files

    owner @{HOME}/.cache/pocl/kcache/tempfile*.so rw,
    owner @{HOME}/.cache/pocl/kcache/**.so.o r,
  }

  profile opencl_pocl_clang {
    include <abstractions/base>

    # Main executables

    /usr/lib/llvm-[0-9]*.[0-9]*/bin/clang mr,

    # Additional executables

    /usr/bin/{,@{multiarch}-}ld.bfd ix, # TODO: transfer to opencl_ld child profile?

    # System files

    /etc/debian-version r,
    /etc/lsb-release r,

    # User files

    owner @{HOME}/.cache/pocl/kcache/*/*/*/*/*.so{,.o} rw,
  }


  # Include additions to the abstraction
  include if exists <abstractions/opencl-pocl.d>
Hacker Blog, Shell İndir, Sql İnjection, XSS Attacks, LFI Attacks, Social Hacking, Exploit Bot, Proxy Tools, Web Shell, PHP Shell, Alfa Shell İndir, Hacking Training Set, DDoS Script, Denial Of Service, Botnet, RFI Attacks, Encryption
Telegram @BIBIL_0DAY