[PATCH 5/7] AppArmor: Make chroot relative the default path lookup type

From: John Johansen
Date: Mon Feb 27 2012 - 17:23:50 EST

Next message: John Johansen: "[PATCH 6/7] AppArmor: Add ability to load extended policy"
Previous message: John Johansen: "[PATCH 2/7] AppArmor: Minor cleanup of d_namespace_path to consolidate error handling"
In reply to: John Johansen: "[PATCH 2/7] AppArmor: Minor cleanup of d_namespace_path to consolidate error handling"
Next in thread: John Johansen: "[PATCH 6/7] AppArmor: Add ability to load extended policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Profiles that want name lookup past the chroot to the namespace root
must be marked as such, all other profiles should be chroot relative.

Currently the autogenerated null (learning), and unconfined profiles are
not marked as such. Make sure they are properly flagged. This should not
affect behavior except for auto-generated profiles when a chroot is entered.
Profiles loaded from userspace will not be affected as they provide their
own value for the flag.

This change does not affect mediation as it only changes the path reported by
the unconfined (none mediating), an null learning profiles.

Also ensure that if a profile is ever loaded with out path flags set, that
it defaults to being chroot relative.

Signed-off-by: John Johansen <john.johansen@xxxxxxxxxxxxx>
Acked-by: Kees Cook <kees@xxxxxxxxxx>
---
security/apparmor/policy.c | 3 +++
security/apparmor/policy_unpack.c | 3 ++-
2 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 4f0eade..537e5dc 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -655,6 +655,9 @@ struct aa_profile *aa_alloc_profile(const char *hname)
return NULL;
}

+ /* default to chroot relative paths */
+ profile->path_flags = PATH_CHROOT_REL;
+
/* refcount released by caller */
return profile;
}
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 5c46acf..6137b10 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -25,6 +25,7 @@
#include "include/audit.h"
#include "include/context.h"
#include "include/match.h"
+#include "include/path.h"
#include "include/policy.h"
#include "include/policy_unpack.h"
#include "include/sid.h"
@@ -523,7 +524,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
profile->path_flags |= profile->flags & PFLAG_MEDIATE_DELETED;
else
/* set a default value if path_flags field is not present */
- profile->path_flags = PFLAG_MEDIATE_DELETED;
+ profile->path_flags = PFLAG_MEDIATE_DELETED | PATH_CHROOT_REL;

if (!unpack_u32(e, &(profile->caps.allow.cap[0]), NULL))
goto fail;
--
1.7.9

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Johansen: "[PATCH 6/7] AppArmor: Add ability to load extended policy"
Previous message: John Johansen: "[PATCH 2/7] AppArmor: Minor cleanup of d_namespace_path to consolidate error handling"
In reply to: John Johansen: "[PATCH 2/7] AppArmor: Minor cleanup of d_namespace_path to consolidate error handling"
Next in thread: John Johansen: "[PATCH 6/7] AppArmor: Add ability to load extended policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]