Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

Pull apparmor updates from John Johansen:
"There is nothing major this time just four bug fixes and a patch to
remove some dead code:

Cleanups:
- remove no-op permission check in policy_unpack

Bug fixes:
- fix an error code in __aa_create_ns()
- fix failure to audit context info in build_change_hat
- check buffer bounds when mapping permissions mask
- fully initialize aa_perms struct when answering userspace query"

* tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
apparmor: remove no-op permission check in policy_unpack
apparmor: fix an error code in __aa_create_ns()
apparmor: Fix failure to audit context info in build_change_hat
apparmor: Fully initialize aa_perms struct when answering userspace query
apparmor: Check buffer bounds when mapping permissions mask

+20 -44
+1 -4
security/apparmor/apparmorfs.c
··· 603 603 static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, 604 604 const char *match_str, size_t match_len) 605 605 { 606 - struct aa_perms tmp; 606 + struct aa_perms tmp = { }; 607 607 struct aa_dfa *dfa; 608 608 unsigned int state = 0; 609 609 ··· 613 613 dfa = profile->file.dfa; 614 614 state = aa_dfa_match_len(dfa, profile->file.start, 615 615 match_str + 1, match_len - 1); 616 - tmp = nullperms; 617 616 if (state) { 618 617 struct path_cond cond = { }; 619 618 ··· 626 627 match_str, match_len); 627 628 if (state) 628 629 aa_compute_perms(dfa, state, &tmp); 629 - else 630 - tmp = nullperms; 631 630 } 632 631 aa_apply_modes_to_perms(profile, &tmp); 633 632 aa_perms_accum_raw(perms, &tmp);
+1 -1
security/apparmor/domain.c
··· 1036 1036 audit: 1037 1037 aa_audit_file(profile, &nullperms, OP_CHANGE_HAT, AA_MAY_CHANGEHAT, 1038 1038 name, hat ? hat->base.hname : NULL, 1039 - hat ? &hat->label : NULL, GLOBAL_ROOT_UID, NULL, 1039 + hat ? &hat->label : NULL, GLOBAL_ROOT_UID, info, 1040 1040 error); 1041 1041 if (!hat || (error && error != -ENOENT)) 1042 1042 return ERR_PTR(error);
+2 -1
security/apparmor/file.c
··· 47 47 { 48 48 char str[10]; 49 49 50 - aa_perm_mask_to_str(str, aa_file_perm_chrs, map_mask_to_chr_mask(mask)); 50 + aa_perm_mask_to_str(str, sizeof(str), aa_file_perm_chrs, 51 + map_mask_to_chr_mask(mask)); 51 52 audit_log_string(ab, str); 52 53 } 53 54
+2 -1
security/apparmor/include/perms.h
··· 137 137 xcheck(fn_for_each((L1), (P), (FN1)), fn_for_each((L2), (P), (FN2))) 138 138 139 139 140 - void aa_perm_mask_to_str(char *str, const char *chrs, u32 mask); 140 + void aa_perm_mask_to_str(char *str, size_t str_size, const char *chrs, 141 + u32 mask); 141 142 void aa_audit_perm_names(struct audit_buffer *ab, const char * const *names, 142 143 u32 mask); 143 144 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs,
+13 -4
security/apparmor/lib.c
··· 198 198 /** 199 199 * aa_perm_mask_to_str - convert a perm mask to its short string 200 200 * @str: character buffer to store string in (at least 10 characters) 201 + * @str_size: size of the @str buffer 202 + * @chrs: NUL-terminated character buffer of permission characters 201 203 * @mask: permission mask to convert 202 204 */ 203 - void aa_perm_mask_to_str(char *str, const char *chrs, u32 mask) 205 + void aa_perm_mask_to_str(char *str, size_t str_size, const char *chrs, u32 mask) 204 206 { 205 207 unsigned int i, perm = 1; 208 + size_t num_chrs = strlen(chrs); 206 209 207 - for (i = 0; i < 32; perm <<= 1, i++) { 208 - if (mask & perm) 210 + for (i = 0; i < num_chrs; perm <<= 1, i++) { 211 + if (mask & perm) { 212 + /* Ensure that one byte is left for NUL-termination */ 213 + if (WARN_ON_ONCE(str_size <= 1)) 214 + break; 215 + 209 216 *str++ = chrs[i]; 217 + str_size--; 218 + } 210 219 } 211 220 *str = '\0'; 212 221 } ··· 245 236 246 237 audit_log_format(ab, "\""); 247 238 if ((mask & chrsmask) && chrs) { 248 - aa_perm_mask_to_str(str, chrs, mask & chrsmask); 239 + aa_perm_mask_to_str(str, sizeof(str), chrs, mask & chrsmask); 249 240 mask &= ~chrsmask; 250 241 audit_log_format(ab, "%s", str); 251 242 if (mask & namesmask)
+1 -1
security/apparmor/policy_ns.c
··· 255 255 256 256 ns = alloc_ns(parent->base.hname, name); 257 257 if (!ns) 258 - return NULL; 258 + return ERR_PTR(-ENOMEM); 259 259 ns->level = parent->level + 1; 260 260 mutex_lock_nested(&ns->lock, ns->level); 261 261 error = __aafs_ns_mkdir(ns, ns_subns_dir(parent), name, dir);
-32
security/apparmor/policy_unpack.c
··· 389 389 return res; 390 390 } 391 391 392 - #define DFA_VALID_PERM_MASK 0xffffffff 393 - #define DFA_VALID_PERM2_MASK 0xffffffff 394 - 395 - /** 396 - * verify_accept - verify the accept tables of a dfa 397 - * @dfa: dfa to verify accept tables of (NOT NULL) 398 - * @flags: flags governing dfa 399 - * 400 - * Returns: 1 if valid accept tables else 0 if error 401 - */ 402 - static bool verify_accept(struct aa_dfa *dfa, int flags) 403 - { 404 - int i; 405 - 406 - /* verify accept permissions */ 407 - for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) { 408 - int mode = ACCEPT_TABLE(dfa)[i]; 409 - 410 - if (mode & ~DFA_VALID_PERM_MASK) 411 - return 0; 412 - 413 - if (ACCEPT_TABLE2(dfa)[i] & ~DFA_VALID_PERM2_MASK) 414 - return 0; 415 - } 416 - return 1; 417 - } 418 392 419 393 /** 420 394 * unpack_dfa - unpack a file rule dfa ··· 419 445 if (IS_ERR(dfa)) 420 446 return dfa; 421 447 422 - if (!verify_accept(dfa, flags)) 423 - goto fail; 424 448 } 425 449 426 450 return dfa; 427 - 428 - fail: 429 - aa_put_dfa(dfa); 430 - return ERR_PTR(-EPROTO); 431 451 } 432 452 433 453 /**