linux-toradex.git/security/apparmor/mount.c, branch v6.3-rc3 Linux kernel for Apalis and Colibri modules apparmor: rework profile->rules to be a list 2022-10-03T21:49:04+00:00 John Johansen john.johansen@canonical.com 2022-09-06T03:47:36+00:00 1ad22fcc4d0d2fb2e0f35aed555a86d016d5e590 Convert profile->rules to a list as the next step towards supporting multiple rulesets in a profile. For this step only support a single list entry item. The logic for iterating the list will come as a separate step. Signed-off-by: John Johansen <john.johansen@canonical.com> 
Convert profile->rules to a list as the next step towards supporting
multiple rulesets in a profile. For this step only support a single
list entry item. The logic for iterating the list will come as a
separate step.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: refactor profile rules and attachments 2022-10-03T21:49:04+00:00 John Johansen john.johansen@canonical.com 2022-07-30T00:17:31+00:00 217af7e2f4deb629aaa49622685ccfee923898ca In preparation for moving from a single set of rules and a single attachment to multiple rulesets and attachments separate from the profile refactor attachment information and ruleset info into their own structures. Signed-off-by: John Johansen <john.johansen@canonical.com> 
In preparation for moving from a single set of rules and a single
attachment to multiple rulesets and attachments separate from the
profile refactor attachment information and ruleset info into their
own structures.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: add mediation class information to auditing 2022-10-03T21:49:03+00:00 John Johansen john.johansen@canonical.com 2022-04-19T23:25:55+00:00 8c4b785a86be1219f7d50f7b38266c454d6a9bbc Audit messages currently don't contain the mediation class which can make them less clear than they should be in some circumstances. With newer mediation classes coming this potential confusion will become worse. Fix this by adding the mediatin class to the messages. Signed-off-by: John Johansen <john.johansen@canonical.com> 
Audit messages currently don't contain the mediation class which can
make them less clear than they should be in some circumstances. With
newer mediation classes coming this potential confusion will become
worse.

Fix this by adding the mediatin class to the messages.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: preparse for state being more than just an integer 2022-10-03T21:49:03+00:00 John Johansen john.johansen@canonical.com 2022-01-17T21:43:49+00:00 33fc95d8293cfca352ac875668857293e22d7d51 Convert from an unsigned int to a state_t for state position. This is a step in prepping for the state position carrying some additional flags, and a limited form of backtracking to support variables. Signed-off-by: John Johansen <john.johansen@canonical.com> 
Convert from an unsigned int to a state_t for state position. This is
a step in prepping for the state position carrying some additional
flags, and a limited form of backtracking to support variables.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: convert policy lookup to use accept as an index 2022-10-03T21:49:03+00:00 John Johansen john.johansen@canonical.com 2022-07-16T08:53:46+00:00 e844fe9b51c984472ea98be3b2d1201ba9ee3213 Remap polidydb dfa accept table from embedded perms to an index, and then move the perm lookup to use the accept entry as an index into the perm table. This is done so that the perm table can be separated from the dfa, allowing dfa accept to index to share expanded permission sets. Signed-off-by: John Johansen <john.johansen@canonical.com> 
Remap polidydb dfa accept table from embedded perms to an index, and
then move the perm lookup to use the accept entry as an index into the
perm table. This is done so that the perm table can be separated from
the dfa, allowing dfa accept to index to share expanded permission
sets.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: compute policydb permission on profile load 2022-10-03T21:49:03+00:00 John Johansen john.johansen@canonical.com 2020-11-17T09:38:16+00:00 e2967ede22978f132cd52929edff96c701bde0eb Rather than computing policydb permissions for each access permissions can be computed once on profile load and stored for lookup. Signed-off-by: John Johansen <john.johansen@canonical.com> 
Rather than computing policydb permissions for each access
permissions can be computed once on profile load and stored for lookup.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: extend policydb permission set by making use of the xbits 2022-07-19T09:57:15+00:00 John Johansen john.johansen@canonical.com 2022-03-25T12:20:02+00:00 f567e7fada03d4c9c5f646a439ad2356371c4147 The policydb permission set has left the xbits unused. Make them available for mediation. Signed-off-by: John Johansen <john.johansen@canonical.com> 
The policydb permission set has left the xbits unused. Make them available
for mediation.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: fix reference count leak in aa_pivotroot() 2022-07-09T22:13:59+00:00 Xin Xiong xiongx18@fudan.edu.cn 2022-04-28T03:39:08+00:00 11c3627ec6b56c1525013f336f41b79a983b4d46 The aa_pivotroot() function has a reference counting bug in a specific path. When aa_replace_current_label() returns on success, the function forgets to decrement the reference count of “target”, which is increased earlier by build_pivotroot(), causing a reference leak. Fix it by decreasing the refcount of “target” in that path. Fixes: 2ea3ffb7782a ("apparmor: add mount mediation") Co-developed-by: Xiyu Yang <xiyuyang19@fudan.edu.cn> Signed-off-by: Xiyu Yang <xiyuyang19@fudan.edu.cn> Co-developed-by: Xin Tan <tanxin.ctf@gmail.com> Signed-off-by: Xin Tan <tanxin.ctf@gmail.com> Signed-off-by: Xin Xiong <xiongx18@fudan.edu.cn> Signed-off-by: John Johansen <john.johansen@canonical.com> 
The aa_pivotroot() function has a reference counting bug in a specific
path. When aa_replace_current_label() returns on success, the function
forgets to decrement the reference count of “target”, which is
increased earlier by build_pivotroot(), causing a reference leak.

Fix it by decreasing the refcount of “target” in that path.

Fixes: 2ea3ffb7782a ("apparmor: add mount mediation")
Co-developed-by: Xiyu Yang <xiyuyang19@fudan.edu.cn>
Signed-off-by: Xiyu Yang <xiyuyang19@fudan.edu.cn>
Co-developed-by: Xin Tan <tanxin.ctf@gmail.com>
Signed-off-by: Xin Tan <tanxin.ctf@gmail.com>
Signed-off-by: Xin Xiong <xiongx18@fudan.edu.cn>
Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: Fix match_mnt_path_str() and match_mnt() kernel-doc comment 2022-07-09T22:13:59+00:00 Yang Li yang.lee@linux.alibaba.com 2022-01-29T02:50:59+00:00 e21851b349b8dd0af00fc4d887983a2767eb393c Fix a spelling problem and change @mntpath to @path to remove warnings found by running scripts/kernel-doc, which is caused by using 'make W=1'. security/apparmor/mount.c:321: warning: Function parameter or member 'devname' not described in 'match_mnt_path_str' security/apparmor/mount.c:321: warning: Excess function parameter 'devnme' description in 'match_mnt_path_str' security/apparmor/mount.c:377: warning: Function parameter or member 'path' not described in 'match_mnt' security/apparmor/mount.c:377: warning: Excess function parameter 'mntpath' description in 'match_mnt' Reported-by: Abaci Robot <abaci@linux.alibaba.com> Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 
Fix a spelling problem and change @mntpath to @path to remove warnings
found by running scripts/kernel-doc, which is caused by using 'make W=1'.

security/apparmor/mount.c:321: warning: Function parameter or member
'devname' not described in 'match_mnt_path_str'
security/apparmor/mount.c:321: warning: Excess function parameter
'devnme' description in 'match_mnt_path_str'
security/apparmor/mount.c:377: warning: Function parameter or member
'path' not described in 'match_mnt'
security/apparmor/mount.c:377: warning: Excess function parameter
'mntpath' description in 'match_mnt'

Reported-by: Abaci Robot <abaci@linux.alibaba.com>
Signed-off-by: Yang Li <yang.lee@linux.alibaba.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: Fix failed mount permission check error message 2022-07-09T22:13:59+00:00 John Johansen john.johansen@canonical.com 2022-01-25T08:37:42+00:00 ec240b5905bbb09a03dccffee03062cf39e38dc2 When the mount check fails due to a permission check failure instead of explicitly at one of the subcomponent checks, AppArmor is reporting a failure in the flags match. However this is not true and AppArmor can not attribute the error at this point to any particular component, and should only indicate the mount failed due to missing permissions. Fixes: 2ea3ffb7782a ("apparmor: add mount mediation") Signed-off-by: John Johansen <john.johansen@canonical.com> 
When the mount check fails due to a permission check failure instead
of explicitly at one of the subcomponent checks, AppArmor is reporting
a failure in the flags match. However this is not true and AppArmor
can not attribute the error at this point to any particular component,
and should only indicate the mount failed due to missing permissions.

Fixes: 2ea3ffb7782a ("apparmor: add mount mediation")
Signed-off-by: John Johansen <john.johansen@canonical.com>