<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-toradex.git/security/apparmor/apparmorfs.c, branch v4.9.107</title>
<subtitle>Linux kernel for Apalis and Colibri modules</subtitle>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/'/>
<entry>
<title>fs: Replace CURRENT_TIME with current_time() for inode timestamps</title>
<updated>2016-09-28T01:06:21+00:00</updated>
<author>
<name>Deepa Dinamani</name>
<email>deepa.kernel@gmail.com</email>
</author>
<published>2016-09-14T14:48:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=078cd8279e659989b103359bb22373cc79445bde'/>
<id>078cd8279e659989b103359bb22373cc79445bde</id>
<content type='text'>
CURRENT_TIME macro is not appropriate for filesystems as it
doesn't use the right granularity for filesystem timestamps.
Use current_time() instead.

CURRENT_TIME is also not y2038 safe.

This is also in preparation for the patch that transitions
vfs timestamps to use 64 bit time and hence make them
y2038 safe. As part of the effort current_time() will be
extended to do range checks. Hence, it is necessary for all
file system timestamps to use current_time(). Also,
current_time() will be transitioned along with vfs to be
y2038 safe.

Note that whenever a single call to current_time() is used
to change timestamps in different inodes, it is because they
share the same time granularity.

Signed-off-by: Deepa Dinamani &lt;deepa.kernel@gmail.com&gt;
Reviewed-by: Arnd Bergmann &lt;arnd@arndb.de&gt;
Acked-by: Felipe Balbi &lt;balbi@kernel.org&gt;
Acked-by: Steven Whitehouse &lt;swhiteho@redhat.com&gt;
Acked-by: Ryusuke Konishi &lt;konishi.ryusuke@lab.ntt.co.jp&gt;
Acked-by: David Sterba &lt;dsterba@suse.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
CURRENT_TIME macro is not appropriate for filesystems as it
doesn't use the right granularity for filesystem timestamps.
Use current_time() instead.

CURRENT_TIME is also not y2038 safe.

This is also in preparation for the patch that transitions
vfs timestamps to use 64 bit time and hence make them
y2038 safe. As part of the effort current_time() will be
extended to do range checks. Hence, it is necessary for all
file system timestamps to use current_time(). Also,
current_time() will be transitioned along with vfs to be
y2038 safe.

Note that whenever a single call to current_time() is used
to change timestamps in different inodes, it is because they
share the same time granularity.

Signed-off-by: Deepa Dinamani &lt;deepa.kernel@gmail.com&gt;
Reviewed-by: Arnd Bergmann &lt;arnd@arndb.de&gt;
Acked-by: Felipe Balbi &lt;balbi@kernel.org&gt;
Acked-by: Steven Whitehouse &lt;swhiteho@redhat.com&gt;
Acked-by: Ryusuke Konishi &lt;konishi.ryusuke@lab.ntt.co.jp&gt;
Acked-by: David Sterba &lt;dsterba@suse.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: use list_next_entry instead of list_entry_next</title>
<updated>2016-07-12T15:43:10+00:00</updated>
<author>
<name>Geliang Tang</name>
<email>geliangtang@163.com</email>
</author>
<published>2015-11-16T13:46:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=38dbd7d8be36b5e68c96a24b406f3653180c1c03'/>
<id>38dbd7d8be36b5e68c96a24b406f3653180c1c03</id>
<content type='text'>
list_next_entry has been defined in list.h, so I replace list_entry_next
with it.

Signed-off-by: Geliang Tang &lt;geliangtang@163.com&gt;
Acked-by: Serge Hallyn &lt;serge.hallyn@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
list_next_entry has been defined in list.h, so I replace list_entry_next
with it.

Signed-off-by: Geliang Tang &lt;geliangtang@163.com&gt;
Acked-by: Serge Hallyn &lt;serge.hallyn@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix ref count leak when profile sha1 hash is read</title>
<updated>2016-07-12T15:43:10+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2015-11-18T19:41:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=0b938a2e2cf0b0a2c8bac9769111545aff0fee97'/>
<id>0b938a2e2cf0b0a2c8bac9769111545aff0fee97</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix update the mtime of the profile file on replacement</title>
<updated>2016-07-12T15:43:10+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2014-07-25T11:01:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=d671e890205a663429da74e1972e652bea4d73ab'/>
<id>d671e890205a663429da74e1972e652bea4d73ab</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>VFS: security/: d_inode() annotations</title>
<updated>2015-04-15T19:06:57+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2015-02-19T10:47:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=ce0b16ddf18df35026164fda4a642ef10c01f442'/>
<id>ce0b16ddf18df35026164fda4a642ef10c01f442</id>
<content type='text'>
... except where that code acts as a filesystem driver, rather than
working with dentries given to it.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
... except where that code acts as a filesystem driver, rather than
working with dentries given to it.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix bad lock balance when introspecting policy</title>
<updated>2013-10-16T00:54:01+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-10-14T18:46:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=ed2c7da3a40c58410508fe24e12d03e508d7ec01'/>
<id>ed2c7da3a40c58410508fe24e12d03e508d7ec01</id>
<content type='text'>
BugLink: http://bugs.launchpad.net/bugs/1235977

The profile introspection seq file has a locking bug when policy is viewed
from a virtual root (task in a policy namespace), introspection from the
real root is not affected.

The test for root
    while (parent) {
is correct for the real root, but incorrect for tasks in a policy namespace.
This allows the task to walk backup the policy tree past its virtual root
causing it to be unlocked before the virtual root should be in the p_stop
fn.

This results in the following lockdep back trace:
[   78.479744] [ BUG: bad unlock balance detected! ]
[   78.479792] 3.11.0-11-generic #17 Not tainted
[   78.479838] -------------------------------------
[   78.479885] grep/2223 is trying to release lock (&amp;ns-&gt;lock) at:
[   78.479952] [&lt;ffffffff817bf3be&gt;] mutex_unlock+0xe/0x10
[   78.480002] but there are no more locks to release!
[   78.480037]
[   78.480037] other info that might help us debug this:
[   78.480037] 1 lock held by grep/2223:
[   78.480037]  #0:  (&amp;p-&gt;lock){+.+.+.}, at: [&lt;ffffffff812111bd&gt;] seq_read+0x3d/0x3d0
[   78.480037]
[   78.480037] stack backtrace:
[   78.480037] CPU: 0 PID: 2223 Comm: grep Not tainted 3.11.0-11-generic #17
[   78.480037] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   78.480037]  ffffffff817bf3be ffff880007763d60 ffffffff817b97ef ffff8800189d2190
[   78.480037]  ffff880007763d88 ffffffff810e1c6e ffff88001f044730 ffff8800189d2190
[   78.480037]  ffffffff817bf3be ffff880007763e00 ffffffff810e5bd6 0000000724fe56b7
[   78.480037] Call Trace:
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff817b97ef&gt;] dump_stack+0x54/0x74
[   78.480037]  [&lt;ffffffff810e1c6e&gt;] print_unlock_imbalance_bug+0xee/0x100
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff810e5bd6&gt;] lock_release_non_nested+0x226/0x300
[   78.480037]  [&lt;ffffffff817bf2fe&gt;] ? __mutex_unlock_slowpath+0xce/0x180
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff810e5d5c&gt;] lock_release+0xac/0x310
[   78.480037]  [&lt;ffffffff817bf2b3&gt;] __mutex_unlock_slowpath+0x83/0x180
[   78.480037]  [&lt;ffffffff817bf3be&gt;] mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff81376c91&gt;] p_stop+0x51/0x90
[   78.480037]  [&lt;ffffffff81211408&gt;] seq_read+0x288/0x3d0
[   78.480037]  [&lt;ffffffff811e9d9e&gt;] vfs_read+0x9e/0x170
[   78.480037]  [&lt;ffffffff811ea8cc&gt;] SyS_read+0x4c/0xa0
[   78.480037]  [&lt;ffffffff817ccc9d&gt;] system_call_fastpath+0x1a/0x1f

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Signed-off-by: James Morris &lt;james.l.morris@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
BugLink: http://bugs.launchpad.net/bugs/1235977

The profile introspection seq file has a locking bug when policy is viewed
from a virtual root (task in a policy namespace), introspection from the
real root is not affected.

The test for root
    while (parent) {
is correct for the real root, but incorrect for tasks in a policy namespace.
This allows the task to walk backup the policy tree past its virtual root
causing it to be unlocked before the virtual root should be in the p_stop
fn.

This results in the following lockdep back trace:
[   78.479744] [ BUG: bad unlock balance detected! ]
[   78.479792] 3.11.0-11-generic #17 Not tainted
[   78.479838] -------------------------------------
[   78.479885] grep/2223 is trying to release lock (&amp;ns-&gt;lock) at:
[   78.479952] [&lt;ffffffff817bf3be&gt;] mutex_unlock+0xe/0x10
[   78.480002] but there are no more locks to release!
[   78.480037]
[   78.480037] other info that might help us debug this:
[   78.480037] 1 lock held by grep/2223:
[   78.480037]  #0:  (&amp;p-&gt;lock){+.+.+.}, at: [&lt;ffffffff812111bd&gt;] seq_read+0x3d/0x3d0
[   78.480037]
[   78.480037] stack backtrace:
[   78.480037] CPU: 0 PID: 2223 Comm: grep Not tainted 3.11.0-11-generic #17
[   78.480037] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   78.480037]  ffffffff817bf3be ffff880007763d60 ffffffff817b97ef ffff8800189d2190
[   78.480037]  ffff880007763d88 ffffffff810e1c6e ffff88001f044730 ffff8800189d2190
[   78.480037]  ffffffff817bf3be ffff880007763e00 ffffffff810e5bd6 0000000724fe56b7
[   78.480037] Call Trace:
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff817b97ef&gt;] dump_stack+0x54/0x74
[   78.480037]  [&lt;ffffffff810e1c6e&gt;] print_unlock_imbalance_bug+0xee/0x100
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff810e5bd6&gt;] lock_release_non_nested+0x226/0x300
[   78.480037]  [&lt;ffffffff817bf2fe&gt;] ? __mutex_unlock_slowpath+0xce/0x180
[   78.480037]  [&lt;ffffffff817bf3be&gt;] ? mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff810e5d5c&gt;] lock_release+0xac/0x310
[   78.480037]  [&lt;ffffffff817bf2b3&gt;] __mutex_unlock_slowpath+0x83/0x180
[   78.480037]  [&lt;ffffffff817bf3be&gt;] mutex_unlock+0xe/0x10
[   78.480037]  [&lt;ffffffff81376c91&gt;] p_stop+0x51/0x90
[   78.480037]  [&lt;ffffffff81211408&gt;] seq_read+0x288/0x3d0
[   78.480037]  [&lt;ffffffff811e9d9e&gt;] vfs_read+0x9e/0x170
[   78.480037]  [&lt;ffffffff811ea8cc&gt;] SyS_read+0x4c/0xa0
[   78.480037]  [&lt;ffffffff817ccc9d&gt;] system_call_fastpath+0x1a/0x1f

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Signed-off-by: James Morris &lt;james.l.morris@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add the ability to report a sha1 hash of loaded policy</title>
<updated>2013-08-14T18:42:08+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-08-14T18:27:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=f8eb8a1324e81927b2c64823b2fc38386efd3fef'/>
<id>f8eb8a1324e81927b2c64823b2fc38386efd3fef</id>
<content type='text'>
Provide userspace the ability to introspect a sha1 hash value for each
profile currently loaded.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Provide userspace the ability to introspect a sha1 hash value for each
profile currently loaded.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: export set of capabilities supported by the apparmor module</title>
<updated>2013-08-14T18:42:07+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-08-14T18:27:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=84f1f787421cd83bb7dfb34d584586f6a5fe7baa'/>
<id>84f1f787421cd83bb7dfb34d584586f6a5fe7baa</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add the profile introspection file to interface</title>
<updated>2013-08-14T18:42:07+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-07-11T04:18:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=29b3822f1e132aa0f115f69730d6e4182df153d4'/>
<id>29b3822f1e132aa0f115f69730d6e4182df153d4</id>
<content type='text'>
Add the dynamic namespace relative profiles file to the interace, to allow
introspection of loaded profiles and their modes.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add the dynamic namespace relative profiles file to the interace, to allow
introspection of loaded profiles and their modes.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add an optional profile attachment string for profiles</title>
<updated>2013-08-14T18:42:07+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-07-11T04:17:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=556d0be74b19cb6288e5eb2f3216eac247d87968'/>
<id>556d0be74b19cb6288e5eb2f3216eac247d87968</id>
<content type='text'>
Add the ability to take in and report a human readable profile attachment
string for profiles so that attachment specifications can be easily
inspected.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add the ability to take in and report a human readable profile attachment
string for profiles so that attachment specifications can be easily
inspected.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
