linux-toradex.git/security/apparmor, branch v3.11-rc5 Linux kernel for Apalis and Colibri modules apparmor: no need to delay vfree() 2013-05-12T11:31:02+00:00 Al Viro viro@ZenIV.linux.org.uk 2013-05-06T02:10:35+00:00 b5b3ee6c9cca8b6e1aa8c757e570f08f802c5573 vfree() can be called from interrupt contexts now Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <james.l.morris@oracle.com> 
vfree() can be called from interrupt contexts now

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
apparmor: fix fully qualified name parsing 2013-04-28T07:39:37+00:00 John Johansen john.johansen@canonical.com 2013-02-27T11:45:05+00:00 2654bfbc2bd0e1e64f0b257c21da23f6cec32c6c currently apparmor name parsing is only correctly handling :<NS>:<profile> but :<NS>://<profile> is also a valid form and what is exported to userspace. Signed-off-by: John Johansen <john.johansen@canonical.com> 
currently apparmor name parsing is only correctly handling
:<NS>:<profile>

but
:<NS>://<profile>

is also a valid form and what is exported to userspace.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: fix setprocattr arg processing for onexec 2013-04-28T07:39:36+00:00 John Johansen john.johansen@canonical.com 2013-02-27T11:44:40+00:00 3eea57c26e49a5add4c053a031cc2a1977b7c48e the exec file isn't processing its command arg. It should only set be responding to a command of exec. Also cleanup setprocattr some more while we are at it. Signed-off-by: John Johansen <john.johansen@canonical.com> 
the exec file isn't processing its command arg. It should only set be
responding to a command of exec.

Also cleanup setprocattr some more while we are at it.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: localize getting the security context to a few macros 2013-04-28T07:39:35+00:00 John Johansen john.johansen@canonical.com 2013-02-27T11:43:40+00:00 214beacaa7b669473bc963af719fa359a8312ea4 Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> 
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
apparmor: fix sparse warnings 2013-04-28T07:39:35+00:00 John Johansen john.johansen@canonical.com 2013-02-21T21:25:44+00:00 53fe8b9961716033571d9799005bfdbbafa5162c Fix a couple of warning reported by sparse Signed-off-by: John Johansen <john.johansen@canonical.com> 
Fix a couple of warning reported by sparse

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: Fix smatch warning in aa_remove_profiles 2013-04-28T07:39:34+00:00 John Johansen john.johansen@canonical.com 2013-02-21T09:14:17+00:00 41d1b3e868c263e8b43dd5903a70633e05ae58a6 smatch reports error: potential NULL dereference 'ns'. this can not actually occur because it relies on aa_split_fqname setting both ns_name and name as null but ns_name will actually always have a value in this case. so remove the unnecessary if (ns_name) conditional that is resulting in the false positive further down. Signed-off-by: John Johansen <john.johansen@canonical.com> 
smatch reports
  error: potential NULL dereference 'ns'.

this can not actually occur because it relies on aa_split_fqname setting
both ns_name and name as null but ns_name will actually always have a
value in this case.

so remove the unnecessary if (ns_name) conditional that is resulting
in the false positive further down.

Signed-off-by: John Johansen <john.johansen@canonical.com>
apparmor: fix the audit type table 2013-04-28T07:37:41+00:00 John Johansen john.johansen@canonical.com 2013-02-19T00:13:34+00:00 b492d50bf597b87ab7ea1e738ec837f74b11594e The audit type table is missing a comma so that KILLED comes out as KILLEDAUTO. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <sbeattie@ubuntu.com> 
The audit type table is missing a comma so that KILLED comes out as
KILLEDAUTO.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <sbeattie@ubuntu.com>
apparmor: reserve and mask off the top 8 bits of the base field 2013-04-28T07:37:32+00:00 John Johansen john.johansen@canonical.com 2013-02-19T00:12:34+00:00 ed686308c6837ff67f56e4115d0fd6bdc65a4313 The top 8 bits of the base field have never been used, in fact can't be used, by the current 'dfa16' format. However they will be used in the future as flags, so mask them off when using base as an index value. Note: the use of the top 8 bits, without masking is trapped by the verify checks that base entries are within the size bounds. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com> 
The top 8 bits of the base field have never been used, in fact can't
be used, by the current 'dfa16' format.  However they will be used in the
future as flags, so mask them off when using base as an index value.

Note: the use of the top 8 bits, without masking is trapped by the verify
      checks that base entries are within the size bounds.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
apparmor: move the free_profile fn ahead of aa_alloc_profile 2013-04-28T07:37:24+00:00 John Johansen john.johansen@canonical.com 2013-02-19T00:11:34+00:00 4da05cc08da3f2058cecbe42ed9f4803d669730a Move the free_profile fn ahead of aa_alloc_profile so it can be used in aa_alloc_profile without a forward declaration. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com> 
Move the free_profile fn ahead of aa_alloc_profile so it can be used
in aa_alloc_profile without a forward declaration.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
apparmor: remove sid from profiles 2013-04-28T07:37:13+00:00 John Johansen john.johansen@canonical.com 2013-02-19T00:10:34+00:00 a4987857d2c958b93b2faafe0811eea1a63ff59a The sid is not going to be a direct property of a profile anymore, instead it will be directly related to the label, and the profile will pickup a label back reference. For null-profiles replace the use of sid with a per namespace unique id. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com> 
The sid is not going to be a direct property of a profile anymore, instead
it will be directly related to the label, and the profile will pickup
a label back reference.

For null-profiles replace the use of sid with a per namespace unique
id.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>