From: John Johansen
Subject: [GIT PULL] AppArmor fixes for 4.11
To: James Morris
Cc: linux-security-module@vger.kernel.org, LKLM
Organization: Canonical
Date: Mon, 16 Jan 2017 01:26:05 -0800

Hi James,

This is a set of bug fixes, a few additions to apparmorfs policy introspection, a lot of code refactoring, and cleanups taking care of most of the compiler and sparse warnings. It does not implement new mediation or change the behavior of current upstream apparmor mediation, but provides a base to begin doing RFCs for updated apparmor mediation.
Thanks,
-John

---

The following changes since commit b8aa8453918ebfd93d78de56c2afd4b735e02e27:

  security: Fix inode_getattr documentation (2017-01-10 17:39:23 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor for-security

for you to fetch changes up to e6bfa25deb5096c05a08f01e4d6a436dd331fa88:

  apparmor: replace remaining BUG_ON() asserts with AA_BUG() (2017-01-16 01:18:56 -0800)

----------------------------------------------------------------
John Johansen (56):
      apparmor: move lib definitions into separate lib include
      apparmor: split out shared policy_XXX fns to lib
      apparmor: split apparmor policy namespaces code into its own file
      apparmor: rename namespace to ns to improve code line lengths
      apparmor: rename sid to secid
      apparmor: rename PFLAG_INVALID to PFLAG_STALE
      apparmor: rename replacedby to proxy
      apparmor: add strn version of lookup_profile fn
      apparmor: add strn version of aa_find_ns
      apparmor: add lib fn to find the "split" for fqnames
      apparmor: add fn to lookup profiles by fqname
      apparmor: allow ns visibility question to consider subnses
      apparmor: add macro for bug asserts to check that a lock is held
      apparmor: add debug assert AA_BUG and Kconfig to control debug info
      apparmor: rename mediated_filesystem() to path_mediated_fs()
      apparmor: rename hname_tail to basename
      apparmor: constify policy name and hname
      apparmor: pass gfp param into aa_policy_init()
      apparmor: update policy_destroy to use new debug asserts
      apparmor: refactor prepare_ns() and make usable from different views
      apparmor: pass gfp_t parameter into profile allocation
      apparmor: name null-XXX profiles after the executable
      apparmor: remove paranoid load switch
      apparmor: add support for force complain flag to support learning mode
      apparmor: prepare to support newer versions of policy
      apparmor: add get_dfa() fn
      apparmor: allow policydb to be used as the file dfa
      apparmor: add a default null dfa
      apparmor: provide userspace flag indicating binfmt_elf_mmap change
      apparmor: add special .null file used to "close" fds at exec
      apparmor: track ns level so it can be used to help in view checks
      apparmor: Make aa_remove_profile() callable from a different view
      apparmor: allow introspecting the policy namespace name
      apparmor: allow specifying the profile doing the management
      apparmor: add ns being viewed as a param to policy_view_capable()
      apparmor: add ns being viewed as a param to policy_admin_capable()
      apparmor: add profile and ns params to aa_may_manage_policy()
      apparmor: add ns name to the audit data for policy loads
      apparmor: allow introspecting the loaded policy pre internal transform
      apparmor: audit policy ns specified in policy load
      apparmor: pass the subject profile into profile replace/remove
      apparmor: add per policy ns .load, .replace, .remove interface files
      apparmor: fail task profile update if current_cred isn't real_cred
      apparmor: rename context abreviation cxt to the more standard ctx
      apparmor: change op from int to const char *
      apparmor: change aad apparmor_audit_data macro to a fn macro
      apparmor: remove unused op parameter from simple_write_to_buffer()
      apparmor: fix change_hat debug output
      apparmor: convert change_profile to use fqname later to give better control
      apparmor: make computing policy hashes conditional on kernel parameter
      apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
      apparmor: add per cpu work buffers to avoid allocating buffers at every hook
      apparmor: add check for apparmor enabled in module parameters missing it
      apparmor: fix restricted endian type warnings for dfa unpack
      apparmor: fix restricted endian type warnings for policy unpack
      apparmor: replace remaining BUG_ON() asserts with AA_BUG()

Kees Cook (1):
      apparmor: use designated initializers

Tetsuo Handa (1):
      AppArmor: Use GFP_KERNEL for __aa_kvmalloc().

Tyler Hicks (1):
      apparmor: sysctl to enable unprivileged user ns AppArmor policy loading

William Hua (1):
      apparmor: support querying extended trusted helper extra data

 security/apparmor/Kconfig                     |  31 +-
 security/apparmor/Makefile                    |   2 +-
 security/apparmor/apparmorfs.c                | 681 ++++++++++++++++++----
 security/apparmor/audit.c                     |  98 +---
 security/apparmor/capability.c                |  26 +-
 security/apparmor/context.c                   | 107 ++--
 security/apparmor/crypto.c                    |  39 +-
 security/apparmor/domain.c                    | 137 ++---
 security/apparmor/file.c                      |  80 +--
 security/apparmor/include/apparmor.h          |  82 +--
 security/apparmor/include/apparmorfs.h        |  21 +-
 security/apparmor/include/audit.h             | 152 ++---
 security/apparmor/include/context.h           |  84 +--
 security/apparmor/include/crypto.h            |   5 +
 security/apparmor/include/domain.h            |   4 +-
 security/apparmor/include/file.h              |   9 +-
 security/apparmor/include/lib.h               | 200 +++++++
 security/apparmor/include/match.h             |  26 +-
 security/apparmor/include/path.h              |  53 ++
 security/apparmor/include/policy.h            | 199 ++----
 security/apparmor/include/policy_ns.h         | 147 +++++
 security/apparmor/include/policy_unpack.h     |  28 +-
 security/apparmor/include/{sid.h => secid.h}  |  18 +-
 security/apparmor/ipc.c                       |  18 +-
 security/apparmor/lib.c                       | 111 +++-
 security/apparmor/lsm.c                       | 315 ++++++---
 security/apparmor/match.c                     |  47 +-
 security/apparmor/nulldfa.in                  |   1 +
 security/apparmor/policy.c                    | 824 ++++++++++-----------------
 security/apparmor/policy_ns.c                 | 346 +++++++++++
 security/apparmor/policy_unpack.c             | 257 ++++++---
 security/apparmor/procattr.c                  |  38 +-
 security/apparmor/resource.c                  |  19 +-
 security/apparmor/secid.c                     |  55 ++
 security/apparmor/sid.c                       |  55 --
 35 files changed, 2795 insertions(+), 1520 deletions(-)
 create mode 100644 security/apparmor/include/lib.h
 create mode 100644 security/apparmor/include/policy_ns.h
 rename security/apparmor/include/{sid.h => secid.h} (50%)
 create mode 100644 security/apparmor/nulldfa.in
 create mode 100644 security/apparmor/policy_ns.c
 create mode 100644 security/apparmor/secid.c
 delete mode 100644 security/apparmor/sid.c