Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.1.87 2022-07-09T22:13:59+00:00 2022-07-09T22:13:59+00:00 John Johansen john.johansen@canonical.com 2021-04-29T08:48:28+00:00 urn:sha1:68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c Global quieting of denied AppArmor generated file events is not handled correctly. Unfortunately the is checking if quieting of all audit events is set instead of just denied events. Fixes: 67012e8209df ("AppArmor: basic auditing infrastructure.") Signed-off-by: John Johansen <john.johansen@canonical.com> 2020-07-21T15:12:31+00:00 Richard Guy Briggs rgb@redhat.com 2020-07-13T19:51:59+00:00 urn:sha1:f1d9b23cabc61e58509164c3c3132556476491d2 audit_log_string() was inteded to be an internal audit function and since there are only two internal uses, remove them. Purge all external uses of it by restructuring code to use an existing audit_log_format() or using audit_log_format(). Please see the upstream issue https://github.com/linux-audit/audit-kernel/issues/84 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> 2020-05-21T22:25:51+00:00 Navid Emamdoost navid.emamdoost@gmail.com 2019-10-21T15:23:47+00:00 urn:sha1:c54d481d71c6849e044690d3960aaebc730224cc In the implementation of aa_audit_rule_init(), when aa_label_parse() fails the allocated memory for rule is released using aa_audit_rule_free(). But after this release, the return statement tries to access the label field of the rule which results in use-after-free. Before releasing the rule, copy errNo and return it after release. Fixes: 52e8c38001d8 ("apparmor: Fix memory leak of rule on error exit path") Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2019-06-05T15:37:17+00:00 Thomas Gleixner tglx@linutronix.de 2019-06-01T08:08:55+00:00 urn:sha1:b886d83c5b621abc84ff9616f14c529be3f6b147 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation version 2 of the license extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 315 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Armijn Hemel <armijn@tjaldur.nl> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190531190115.503150771@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-02-01T04:00:15+00:00 Richard Guy Briggs rgb@redhat.com 2019-01-31T16:52:11+00:00 urn:sha1:90462a5bd30c6ed91c6758e59537d047d7878ff9 The audit_rule_match() struct audit_context *actx parameter is not used by any in-tree consumers (selinux, apparmour, integrity, smack). The audit context is an internal audit structure that should only be accessed by audit accessor functions. It was part of commit 03d37d25e0f9 ("LSM/Audit: Introduce generic Audit LSM hooks") but appears to have never been used. Remove it. Please see the github issue https://github.com/linux-audit/audit-kernel/issues/107 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [PM: fixed the referenced commit title] Signed-off-by: Paul Moore <paul@paul-moore.com> 2018-06-07T08:50:48+00:00 Tyler Hicks tyhicks@canonical.com 2018-05-17T19:53:45+00:00 urn:sha1:52e8c38001d8ef0ca07ef428e480cd4a35e46abf Currently on the error exit path the allocated rule is not free'd causing a memory leak. Fix this by calling aa_audit_rule_free(). Detected by CoverityScan, CID#1468966 ("Resource leaks") Fixes: cb740f574c7b ("apparmor: modify audit rule support to support profile stacks") Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2018-06-07T08:50:48+00:00 John Johansen john.johansen@canonical.com 2018-05-03T07:39:58+00:00 urn:sha1:2ab47dae54d567bbb1ad3e96e5b2601cc13f4d2b Allows for audit rules, where a rule could specify a profile stack A//&B, while extending the current semantic so if the label specified in the audit rule is a subset of the secid it is considered a match. Eg. if the secid resolves to the label stack A//&B//&C Then an audit rule specifying a label of A - would match B - would match C - would match D - would not A//&B - would match as a subset A//&C - would match as a subset B//&C - would match as a subset A//&B//&C - would match A//&D - would not match, because while A does match, D is also specified and does not Note: audit rules are currently assumed to be coming from the root namespace. Signed-off-by: John Johansen <john.johansen@canonical.com> 2018-06-07T08:50:47+00:00 Matthew Garrett mjg59@google.com 2018-04-16T18:23:58+00:00 urn:sha1:e79c26d04043b15de64f082d4da52e9fff7ca607 This patch adds support to Apparmor for integrating with audit rule filtering. Right now it only handles SUBJ_ROLE, interpreting it as a single component of a label. This is sufficient to get Apparmor working with IMA's appraisal rules without any modifications on the IMA side. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-06-11T00:11:38+00:00 John Johansen john.johansen@canonical.com 2017-06-09T15:14:28+00:00 urn:sha1:637f688dc3dc304a89f441d76f49a0e35bc49c08 Begin the actual switch to using domain labels by storing them on the context and converting the label to a singular profile where possible. Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-01-16T09:18:56+00:00 John Johansen john.johansen@canonical.com 2017-01-16T08:43:15+00:00 urn:sha1:e6bfa25deb5096c05a08f01e4d6a436dd331fa88 AA_BUG() uses WARN and won't break the kernel like BUG_ON(). Signed-off-by: John Johansen <john.johansen@canonical.com>