mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity

More cleanups.

Browse Source
This commit is contained in:
Andreas Gruenbacher
2007-02-12 04:50:00 +00:00
parent e4541f7879
commit e4c35f7cbf
7 changed files with 867 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
kernel-patches/for-mainline/aa_switch.diff
View File

@@ -1,6 +1,7 @@
Rename aa_switch() to aa_switch_profile(), and replace
aa_switch_unconfined(task) with aa_switch_profile(task, NULL, 0):
this is easier to understand; we want to make it more explicit
Rename aa_switch() to aa_switch_to_profile(), and replace
aa_switch_unconfined(task) with aa_switch_to_profile(task, NULL, 0):
this is easier to understand. Pass the hat magic to switch to to
aa_switch_to_profile as well: we want to make it more explicit
which profile switches go together with which hat changes!
The entire change hat logic looks very questionable to me; it is
@@ -20,7 +21,7 @@ Index: b/security/apparmor/inline.h
/**
- * aa_switch - change aa_task_context to use a new profile
+ * aa_switch_profile - change aa_task_context to use a new profile
+ * aa_switch_to_profile - change aa_task_context to use a new profile
* @cxt: aa_task_context to switch the active profile on
- * @newactive: new active profile
+ * @newactive: new active profile (NULL for unconfined)
@@ -35,14 +36,14 @@ Index: b/security/apparmor/inline.h
- */
-static inline void aa_switch(struct aa_task_context *cxt,
- struct aa_profile *newactive)
+ * aa_switch_profile handles the changing of a aa_task_context's active
+ * aa_switch_to_profile handles the changing of a aa_task_context's active
+ * profile. The cxt_lock must be held to ensure consistency against
+ * other writers. Some write paths (ex. aa_register) require
+ * cxt->active not to change over several operations, so the calling
+ * function is responsible for grabing the cxt_lock to meet its
+ * consistency constraints before calling aa_switch_profile
+ * consistency constraints before calling aa_switch_to_profile
+ */
+static inline void aa_switch_profile(struct aa_task_context *cxt,
+static inline void aa_switch_to_profile(struct aa_task_context *cxt,
+ struct aa_profile *newactive,
+ u32 hat_magic)
{
@@ -104,7 +105,7 @@ Index: b/security/apparmor/main.c
spin_lock_irqsave(&cxt_lock, flags);
- aa_switch(newcxt, cxt->active);
- newcxt->hat_magic = cxt->hat_magic;
+ aa_switch_profile(newcxt, cxt->active, cxt->hat_magic);
+ aa_switch_to_profile(newcxt, cxt->active, cxt->hat_magic);
spin_unlock_irqrestore(&cxt_lock, flags);
if (APPARMOR_COMPLAIN(cxt) &&
@@ -113,7 +114,7 @@ Index: b/security/apparmor/main.c
}
- aa_switch(cxt, newprofile);
+ aa_switch_profile(cxt, newprofile, 0);
+ aa_switch_to_profile(cxt, newprofile, 0);
put_aa_profile(newprofile);
if (complain && newprofile == null_complain_profile)
@@ -124,7 +125,7 @@ Index: b/security/apparmor/main.c
- * writers. There may still be other readers so we must still use aa_switch
- * to put the aa_task_context's reference safely.
+ * writers. There may still be other readers so we must still use
+ * aa_switch_profile to put the aa_task_context's reference safely.
+ * aa_switch_to_profile to put the aa_task_context's reference safely.
*/
void aa_release(struct task_struct *p)
{
@@ -133,7 +134,7 @@ Index: b/security/apparmor/main.c
aa_task_context_list_remove(cxt);
- aa_switch_unconfined(cxt);
+ aa_switch_profile(cxt, NULL, 0);
+ aa_switch_to_profile(cxt, NULL, 0);
kfree(cxt);
}
@@ -153,7 +154,7 @@ Index: b/security/apparmor/main.c
if (sub) {
/* change hat */
- aa_switch(cxt, sub);
+ aa_switch_profile(cxt, sub, hat_magic);
+ aa_switch_to_profile(cxt, sub, hat_magic);
put_aa_profile(sub);
} else {
/* There is no such subprofile change to a NULL profile.
@@ -171,7 +172,7 @@ Index: b/security/apparmor/main.c
error = -EACCES;
}
- aa_switch(cxt, cxt->active->null_profile);
+ aa_switch_profile(cxt, cxt->active->null_profile, hat_magic);
+ aa_switch_to_profile(cxt, cxt->active->null_profile, hat_magic);
}
return error;
@@ -185,7 +186,7 @@ Index: b/security/apparmor/main.c
} else {
/* Got here via changehat(NULL, magic)
*
@@ -1212,21 +1221,20 @@ int aa_change_hat(const char *hat_name,
@@ -1212,21 +1221,21 @@ int aa_change_hat(const char *hat_name,
* Handle special casing of NULL magic which confines task
* to subprofile and prohibits further changehats
*/
@@ -202,7 +203,8 @@ Index: b/security/apparmor/main.c
- * New value will be passed on next changehat
- */
- cxt->hat_magic = 0;
+ aa_switch_profile(cxt, cxt->active->parent, 0);
+ aa_switch_to_profile(cxt, cxt->active->parent,
+ 0);
} else {
- /* change to another (sibling) profile */
- error = do_change_hat(hat_name, cxt);
@@ -215,7 +217,7 @@ Index: b/security/apparmor/main.c
}
} else if (cxt->hat_magic) {
AA_ERROR("KILLING process %s(%d) "
@@ -1240,7 +1248,7 @@ int aa_change_hat(const char *hat_name,
@@ -1240,7 +1249,7 @@ int aa_change_hat(const char *hat_name,
/* terminate current process */
(void)send_sig_info(SIGKILL, NULL, current);
@@ -233,7 +235,7 @@ Index: b/security/apparmor/lsm.c
BASE_PROFILE(cxt->active),
cxt->active->name, cxt->active);
- aa_switch_unconfined(cxt);
+ aa_switch_profile(cxt, NULL, 0);
+ aa_switch_to_profile(cxt, NULL, 0);
}
return 0;
@@ -246,7 +248,7 @@ Index: b/security/apparmor/procattr.c
cxt->active->name);
- aa_switch_unconfined(cxt);
+ aa_switch_profile(cxt, NULL, 0);
+ aa_switch_to_profile(cxt, NULL, 0);
} else {
AA_WARN("%s: task %s(%d) "
"is already unconstrained\n",
@@ -265,7 +267,7 @@ Index: b/security/apparmor/procattr.c
- * calling aa_switch
- */
- cxt->hat_magic = 0;
+ aa_switch_profile(cxt, profile, 0);
+ aa_switch_to_profile(cxt, profile, 0);
+ put_aa_profile(profile);
}
@@ -279,7 +281,7 @@ Index: b/security/apparmor/module_interface.c
cxt->active->name);
- aa_switch_unconfined(cxt);
+ aa_switch_profile(cxt, NULL, 0);
+ aa_switch_to_profile(cxt, NULL, 0);
}
/** taskremove_iter - Iterator to unconfine aa_task_contexts which match cookie
@@ -297,7 +299,7 @@ Index: b/security/apparmor/module_interface.c
nactive = aa_dup_profile(new->null_profile);
- aa_switch(cxt, nactive);
+ aa_switch_profile(cxt, nactive, cxt->hat_magic);
+ aa_switch_to_profile(cxt, nactive, cxt->hat_magic);
put_aa_profile(nactive);
- } else {
- aa_switch(cxt, new);
@@ -306,7 +308,7 @@ Index: b/security/apparmor/module_interface.c
- out:
- return;
+ } else
+ aa_switch_profile(cxt, new, cxt->hat_magic);
+ aa_switch_to_profile(cxt, new, cxt->hat_magic);
}
/** taskreplace_iter - Iterator to replace a aa_task_context's profile

48
kernel-patches/for-mainline/fix-change_hat.diff Normal file
View File

@@ -0,0 +1,48 @@
Do not switch to the NULL profile in enforce mode: this only screws
the calling process; it wouldn't have a reasonable way of finding
out when a hat doesn't exist.
Index: b/security/apparmor/main.c
===================================================================
--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -1113,14 +1113,6 @@ static inline int do_change_hat(const ch
aa_switch_to_profile(cxt, sub, hat_magic);
aa_put_profile(sub);
} else {
- /* There is no such subprofile change to a NULL profile.
- * The NULL profile grants no file access.
- *
- * This feature is used by changehat_apache.
- *
- * N.B from the null-profile the task can still changehat back
- * out to the parent profile (assuming magic != 0)
- */
if (APPARMOR_COMPLAIN(cxt)) {
LOG_HINT(cxt->profile, GFP_ATOMIC, HINT_UNKNOWN_HAT,
"%s pid=%d "
@@ -1129,6 +1121,16 @@ static inline int do_change_hat(const ch
current->pid,
BASE_PROFILE(cxt->profile)->name,
cxt->profile->name);
+ /*
+ * Switch to the NULL profile: it grants no accesses,
+ * so all accesses will be logged. This allows us to
+ * learn about new hats.
+ *
+ * N.B from the null-profile the task can still change
+ * back to the parent profile if hat_magic != 0.
+ */
+ aa_switch_to_profile(cxt, cxt->profile->null_profile,
+ hat_magic);
} else {
AA_DEBUG("%s: Unknown hatname '%s'. "
"Changing to NULL profile "
@@ -1140,7 +1142,6 @@ static inline int do_change_hat(const ch
cxt->profile->name);
error = -EACCES;
}
- aa_switch_to_profile(cxt, cxt->profile->null_profile, hat_magic);
}
return error;

42
kernel-patches/for-mainline/active-really-is-a-profile.diff → kernel-patches/for-mainline/rename-aa_task_context-active.diff
View File

@@ -1,3 +1,7 @@
Rename the <active> pointer in struct aa_task_context: there are
no other (inactive?) profiles. (And hats really are just profiles
as well.)
Index: b/security/apparmor/apparmor.h
===================================================================
--- a/security/apparmor/apparmor.h
@@ -150,23 +154,23 @@ Index: b/security/apparmor/inline.h
}
/**
* aa_switch_profile - change aa_task_context to use a new profile
* aa_switch_to_profile - change aa_task_context to use a new profile
- * @cxt: aa_task_context to switch the active profile on
- * @newactive: new active profile (NULL for unconfined)
+ * @cxt: aa_task_context to switch the profile on
+ * @newactive: new profile (NULL for unconfined)
* @hat_magic: hat value to switch to (0 for no hat)
*
- * aa_switch_profile handles the changing of a aa_task_context's active
+ * aa_switch_profile handles the changing of a aa_task_context's profile
- * aa_switch_to_profile handles the changing of a aa_task_context's active
+ * aa_switch_to_profile handles the changing of a aa_task_context's profile
* profile. The cxt_lock must be held to ensure consistency against
* other writers. Some write paths (ex. aa_register) require
- * cxt->active not to change over several operations, so the calling
+ * cxt->profile not to change over several operations, so the calling
* function is responsible for grabing the cxt_lock to meet its
* consistency constraints before calling aa_switch_profile
* consistency constraints before calling aa_switch_to_profile
*/
@@ -67,11 +67,11 @@ static inline void aa_switch_profile(str
@@ -67,11 +67,11 @@ static inline void aa_switch_to_profile(
struct aa_profile *newactive,
u32 hat_magic)
{
@@ -449,7 +453,7 @@ Index: b/security/apparmor/lsm.c
+ if (cxt->profile) {
AA_DEBUG("%s: Dropping profiles %s(%d) "
- "profile %s(%p) active %s(%p)\n",
+ "profile %s(%p) profile %s(%p)\n",
+ "profile %s(%p) hat %s(%p)\n",
__FUNCTION__,
cxt->task->comm, cxt->task->pid,
- BASE_PROFILE(cxt->active)->name,
@@ -458,7 +462,7 @@ Index: b/security/apparmor/lsm.c
+ BASE_PROFILE(cxt->profile)->name,
+ BASE_PROFILE(cxt->profile),
+ cxt->profile->name, cxt->profile);
aa_switch_profile(cxt, NULL, 0);
aa_switch_to_profile(cxt, NULL, 0);
}
@@ -748,7 +748,7 @@ static void __exit apparmor_exit(void)
@@ -851,8 +855,8 @@ Index: b/security/apparmor/main.c
* he new task would end up with an obsolete profile.
*/
spin_lock_irqsave(&cxt_lock, flags);
- aa_switch_profile(newcxt, cxt->active, cxt->hat_magic);
+ aa_switch_profile(newcxt, cxt->profile, cxt->hat_magic);
- aa_switch_to_profile(newcxt, cxt->active, cxt->hat_magic);
+ aa_switch_to_profile(newcxt, cxt->profile, cxt->hat_magic);
spin_unlock_irqrestore(&cxt_lock, flags);
if (APPARMOR_COMPLAIN(cxt) &&
@@ -1053,8 +1057,8 @@ Index: b/security/apparmor/main.c
+ cxt->profile->name);
error = -EACCES;
}
- aa_switch_profile(cxt, cxt->active->null_profile, hat_magic);
+ aa_switch_profile(cxt, cxt->profile->null_profile, hat_magic);
- aa_switch_to_profile(cxt, cxt->active->null_profile, hat_magic);
+ aa_switch_to_profile(cxt, cxt->profile->null_profile, hat_magic);
}
return error;
@@ -1089,12 +1093,12 @@ Index: b/security/apparmor/main.c
* Got here via changehat(NULL, magic)
* Return from subprofile, back to parent
*/
- aa_switch_profile(cxt, cxt->active->parent, 0);
+ aa_switch_profile(cxt, cxt->profile->parent, 0);
- aa_switch_to_profile(cxt, cxt->active->parent,
+ aa_switch_to_profile(cxt, cxt->profile->parent,
0);
} else {
/*
* Change to another (sibling) profile, and
@@ -1239,22 +1239,22 @@ int aa_change_hat(const char *hat_name,
@@ -1240,22 +1240,22 @@ int aa_change_hat(const char *hat_name,
} else if (cxt->hat_magic) {
AA_ERROR("KILLING process %s(%d) "
"Invalid change_hat() magic# 0x%x "
@@ -1148,7 +1152,7 @@ Index: b/security/apparmor/module_interface.c
+ BASE_PROFILE(cxt->profile)->name,
+ cxt->profile->name);
aa_switch_profile(cxt, NULL, 0);
aa_switch_to_profile(cxt, NULL, 0);
}
@@ -61,7 +61,7 @@ static inline void task_remove(struct aa
* @cxt: aa_task_context to consider for profile removal
@@ -1182,7 +1186,7 @@ Index: b/security/apparmor/module_interface.c
{
AA_DEBUG("%s: replacing profile for task %s(%d) "
- "profile=%s (%p) active=%s (%p)\n",
+ "profile=%s (%p) profile=%s (%p)\n",
+ "profile=%s (%p) hat=%s (%p)\n",
__FUNCTION__,
cxt->task->comm, cxt->task->pid,
- BASE_PROFILE(cxt->active)->name, BASE_PROFILE(cxt->active),
@@ -1293,7 +1297,7 @@ Index: b/security/apparmor/procattr.c
+ BASE_PROFILE(cxt->profile)->name,
+ cxt->profile->name);
aa_switch_profile(cxt, NULL, 0);
aa_switch_to_profile(cxt, NULL, 0);
} else {
@@ -300,12 +300,12 @@ int aa_setprocattr_setprofile(struct tas
*/
@@ -1310,4 +1314,4 @@ Index: b/security/apparmor/procattr.c
+ cxt->profile ? cxt->profile->name : "unconstrained",
name);
aa_switch_profile(cxt, profile, 0);
aa_switch_to_profile(cxt, profile, 0);

32
kernel-patches/for-mainline/rename-ctx-to-cxt.diff Normal file
View File

@@ -0,0 +1,32 @@
Context is only abbreviated as ctx here, but as cxt everywhere else.
Index: b/security/apparmor/main.c
===================================================================
--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -319,7 +319,7 @@ int aa_audit_syscallreject(struct aa_pro
int aa_audit(struct aa_profile *profile, const struct aa_audit *sa)
{
struct audit_buffer *ab = NULL;
- struct audit_context *ctx;
+ struct audit_context *cxt;
const char *logcls;
unsigned int flags;
@@ -378,13 +378,13 @@ int aa_audit(struct aa_profile *profile,
* we are rejecting a syscall
*/
if (sa->type == AA_AUDITTYPE_SYSCALL) {
- ctx = current->audit_context;
+ cxt = current->audit_context;
} else {
- ctx = (flags & AA_AUDITFLAG_AUDITSS_SYSCALL) ?
+ cxt = (flags & AA_AUDITFLAG_AUDITSS_SYSCALL) ?
current->audit_context : NULL;
}
- ab = audit_log_start(ctx, gfp_mask, AUDIT_APPARMOR);
+ ab = audit_log_start(cxt, gfp_mask, AUDIT_APPARMOR);
if (!ab) {
AA_ERROR("Unable to log event (%d) to audit subsys\n",

327
kernel-patches/for-mainline/rename-put_aa_profile.diff Normal file
View File

@@ -0,0 +1,327 @@
Rename put_aa_profile to aa_put_profile for consistency.
Index: b/security/apparmor/apparmorfs.c
===================================================================
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -170,7 +170,7 @@ static char *aa_simple_write_to_buffer(c
"profile %s hat %s)\n",
msg, current->comm, current->pid,
BASE_PROFILE(profile)->name, profile->name);
- put_aa_profile(profile);
+ aa_put_profile(profile);
data = ERR_PTR(-EPERM);
goto out;
Index: b/security/apparmor/inline.h
===================================================================
--- a/security/apparmor/inline.h
+++ b/security/apparmor/inline.h
@@ -25,10 +25,10 @@ static inline struct aa_profile *aa_dup_
}
/**
- * put_aa_profile - decrement refcount on profile @p
+ * aa_put_profile - decrement refcount on profile @p
* @p: profile
*/
-static inline void put_aa_profile(struct aa_profile *p)
+static inline void aa_put_profile(struct aa_profile *p)
{
if (p)
kref_put(&BASE_PROFILE(p)->count, free_aa_profile_kref);
@@ -72,7 +72,7 @@ static inline void aa_switch_to_profile(str
cxt->caps_logged = CAP_EMPTY_SET;
cxt->hat_magic = hat_magic;
rcu_assign_pointer(cxt->profile, aa_dup_profile(newactive));
- put_aa_profile(old);
+ aa_put_profile(old);
}
/**
Index: b/security/apparmor/list.c
===================================================================
--- a/security/apparmor/list.c
+++ b/security/apparmor/list.c
@@ -60,7 +60,7 @@ int aa_profilelist_add(struct aa_profile
write_lock(&profile_lock);
old_profile = __aa_find_profile(profile->name, &profile_list);
if (old_profile) {
- put_aa_profile(old_profile);
+ aa_put_profile(old_profile);
goto out;
}
@@ -126,7 +126,7 @@ struct aa_profile *aa_profilelist_replac
oldprofile->isstale = 1;
/* __aa_find_profile incremented count, so adjust down */
- put_aa_profile(oldprofile);
+ aa_put_profile(oldprofile);
}
list_add(&profile->list, &profile_list);
@@ -145,7 +145,7 @@ void aa_profilelist_release(void)
write_lock(&profile_lock);
list_for_each_entry_safe(p, tmp, &profile_list, list) {
list_del_init(&p->list);
- put_aa_profile(p);
+ aa_put_profile(p);
}
write_unlock(&profile_lock);
}
Index: b/security/apparmor/lsm.c
===================================================================
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -92,7 +92,7 @@ static int aa_reject_syscall(struct task
if (profile) {
error = aa_audit_syscallreject(profile, flags, name);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
return error;
@@ -148,7 +148,7 @@ static int apparmor_capable(struct task_
if (profile)
error = aa_capability(profile, cap);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
return error;
@@ -233,7 +233,7 @@ static int apparmor_inode_mkdir(struct i
if (profile)
error = aa_perm_dir(profile, dentry, mnt, "mkdir", MAY_WRITE);
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -253,7 +253,7 @@ static int apparmor_inode_rmdir(struct i
if (profile)
error = aa_perm_dir(profile, dentry, mnt, "rmdir", MAY_WRITE);
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -269,7 +269,7 @@ static int aa_permission(struct inode *i
if (profile)
error = aa_perm(profile, dentry, mnt, mask, leaf);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
return error;
}
@@ -297,7 +297,7 @@ static int apparmor_inode_link(struct de
error = aa_link(profile, new_dentry, new_mnt,
old_dentry, old_mnt);
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -347,7 +347,7 @@ static int apparmor_inode_rename(struct
MAY_WRITE, 1);
}
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -395,7 +395,7 @@ static int apparmor_inode_setattr(struct
if (profile)
error = aa_attr(profile, dentry, mnt, iattr);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
out:
@@ -414,7 +414,7 @@ static int aa_xattr_permission(struct de
if (profile)
error = aa_perm_xattr(profile, dentry, mnt, name,
operation, mask);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
return error;
@@ -522,7 +522,7 @@ static int apparmor_getprocattr(struct t
profile = aa_get_profile(p);
error = aa_getprocattr(profile, str, size);
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -614,7 +614,7 @@ static int apparmor_setprocattr(struct t
error = -EACCES;
}
- put_aa_profile(profile);
+ aa_put_profile(profile);
} else {
/* unknown operation */
AA_WARN("%s: Unknown setprocattr command '%.*s' by task %s(%d) "
Index: b/security/apparmor/main.c
===================================================================
--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -258,7 +258,7 @@ fail:
*/
void free_null_complain_profile(void)
{
- put_aa_profile(null_complain_profile);
+ aa_put_profile(null_complain_profile);
null_complain_profile = NULL;
}
@@ -1011,7 +1011,7 @@ apply_profile:
WARN_ON(newprofile == null_complain_profile);
/* drop refcnt obtained from earlier aa_dup_profile */
- put_aa_profile(newprofile);
+ aa_put_profile(newprofile);
newprofile = aa_profilelist_find(filename);
@@ -1042,7 +1042,7 @@ apply_profile:
}
aa_switch_to_profile(cxt, newprofile, 0);
- put_aa_profile(newprofile);
+ aa_put_profile(newprofile);
if (complain && newprofile == null_complain_profile)
LOG_HINT(newprofile, GFP_ATOMIC, HINT_CHGPROF,
@@ -1055,7 +1055,7 @@ apply_profile:
cleanup:
aa_put_name(filename);
- put_aa_profile(profile);
+ aa_put_profile(profile);
out:
return error;
@@ -1110,7 +1110,7 @@ static inline int do_change_hat(const ch
if (sub) {
/* change hat */
aa_switch_to_profile(cxt, sub, hat_magic);
- put_aa_profile(sub);
+ aa_put_profile(sub);
} else {
/* There is no such subprofile change to a NULL profile.
* The NULL profile grants no file access.
Index: b/security/apparmor/module_interface.c
===================================================================
--- a/security/apparmor/module_interface.c
+++ b/security/apparmor/module_interface.c
@@ -113,7 +113,7 @@ static inline void task_replace(struct a
nactive = aa_dup_profile(new->null_profile);
aa_switch_to_profile(cxt, nactive, cxt->hat_magic);
- put_aa_profile(nactive);
+ aa_put_profile(nactive);
} else
aa_switch_to_profile(cxt, new, cxt->hat_magic);
}
@@ -508,7 +508,7 @@ ssize_t aa_file_prof_add(void *data, siz
} else {
AA_WARN("trying to add profile (%s) that already exists.\n",
profile->name);
- put_aa_profile(profile);
+ aa_put_profile(profile);
error = -EEXIST;
}
@@ -572,11 +572,11 @@ ssize_t aa_file_prof_repl(void *udata, s
aa_task_context_list_iterate(taskreplace_iter, (void *)&data);
/* it's off global list, and we are done replacing */
- put_aa_profile(data.old_profile);
+ aa_put_profile(data.old_profile);
}
/* release extra reference obtained above (race) */
- put_aa_profile(data.new_profile);
+ aa_put_profile(data.new_profile);
error = size;
@@ -607,7 +607,7 @@ ssize_t aa_file_prof_remove(const char *
(void *)old_profile);
/* drop reference obtained by aa_profilelist_remove */
- put_aa_profile(old_profile);
+ aa_put_profile(old_profile);
} else {
AA_WARN("%s: trying to remove profile (%s) that "
"doesn't exist - skipping.\n", __FUNCTION__, name);
@@ -618,7 +618,7 @@ ssize_t aa_file_prof_remove(const char *
}
/**
- * free_aa_profile_kref - free aa_profile by kref (called by put_aa_profile)
+ * free_aa_profile_kref - free aa_profile by kref (called by aa_put_profile)
* @kr: kref callback for freeing of a profile
*/
void free_aa_profile_kref(struct kref *kr)
@@ -657,7 +657,7 @@ void free_aa_profile(struct aa_profile *
aa_match_free(profile->file_rules);
- /* use free_aa_profile instead of put_aa_profile to destroy the
+ /* use free_aa_profile instead of aa_put_profile to destroy the
* null_profile, because the null_profile use the same reference
* counting as hats, ie. the count goes to the base profile.
*/
@@ -665,7 +665,7 @@ void free_aa_profile(struct aa_profile *
list_for_each_entry_safe(p, ptmp, &profile->sub, list) {
list_del_init(&p->list);
p->parent = NULL;
- put_aa_profile(p);
+ aa_put_profile(p);
}
if (profile->name) {
Index: b/security/apparmor/procattr.c
===================================================================
--- a/security/apparmor/procattr.c
+++ b/security/apparmor/procattr.c
@@ -262,7 +262,7 @@ int aa_setprocattr_setprofile(struct tas
name);
error = -ENOMEM;
- put_aa_profile(profile);
+ aa_put_profile(profile);
goto out;
}
@@ -282,7 +282,7 @@ int aa_setprocattr_setprofile(struct tas
WARN_ON(profile == null_complain_profile);
/* drop refcnt obtained from earlier aa_dup_profile */
- put_aa_profile(profile);
+ aa_put_profile(profile);
profile = aa_profilelist_find(name);
if (!profile) {
@@ -309,7 +309,7 @@ int aa_setprocattr_setprofile(struct tas
name);
aa_switch_to_profile(cxt, profile, 0);
- put_aa_profile(profile);
+ aa_put_profile(profile);
}
spin_unlock_irqrestore(&cxt_lock, flags);

404
kernel-patches/for-mainline/rename-task_struct-vars.diff Normal file
View File

@@ -0,0 +1,404 @@
Don't call task structs differnt all over the code (p, tsk, target).
Index: b/security/apparmor/apparmor.h
===================================================================
--- a/security/apparmor/apparmor.h
+++ b/security/apparmor/apparmor.h
@@ -237,9 +237,9 @@ extern int aa_perm_dir(struct aa_profile
extern int aa_link(struct aa_profile *profile,
struct dentry *link, struct vfsmount *link_mnt,
struct dentry *target, struct vfsmount *target_mnt);
-extern int aa_fork(struct task_struct *p);
+extern int aa_fork(struct task_struct *task);
extern int aa_register(struct linux_binprm *bprm);
-extern void aa_release(struct task_struct *p);
+extern void aa_release(struct task_struct *task);
extern int aa_change_hat(const char *id, u32 hat_magic);
extern int aa_associate_filp(struct file *filp);
@@ -267,7 +267,8 @@ extern void free_aa_profile_kref(struct
/* procattr.c */
extern size_t aa_getprocattr(struct aa_profile *profile, char *str, size_t size);
extern int aa_setprocattr_changehat(char *hatinfo, size_t infosize);
-extern int aa_setprocattr_setprofile(struct task_struct *p, char *profilename,
+extern int aa_setprocattr_setprofile(struct task_struct *task,
+ char *profilename,
size_t profilesize);
/* apparmorfs.c */
Index: b/security/apparmor/inline.h
===================================================================
--- a/security/apparmor/inline.h
+++ b/security/apparmor/inline.h
@@ -77,12 +77,12 @@ static inline void aa_switch_to_profile(
/**
* alloc_aa_task_context - allocate a new aa_task_context
- * @tsk: task struct
+ * @task: task struct
*
* Allocate a new aa_task_context including a backpointer to it's referring
* task.
*/
-static inline struct aa_task_context *alloc_aa_task_context(struct task_struct *tsk)
+static inline struct aa_task_context *alloc_aa_task_context(struct task_struct *task)
{
struct aa_task_context *cxt;
@@ -91,7 +91,7 @@ static inline struct aa_task_context *al
goto out;
/* back pointer to task */
- cxt->task = tsk;
+ cxt->task = task;
/* any readers of the list must make sure that they can handle
* case where cxt->profile is not yet set (null)
Index: b/security/apparmor/lsm.c
===================================================================
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -109,41 +109,41 @@ static int apparmor_ptrace(struct task_s
return error;
}
-static int apparmor_capget(struct task_struct *target,
+static int apparmor_capget(struct task_struct *task,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- return cap_capget(target, effective, inheritable, permitted);
+ return cap_capget(task, effective, inheritable, permitted);
}
-static int apparmor_capset_check(struct task_struct *target,
+static int apparmor_capset_check(struct task_struct *task,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- return cap_capset_check(target, effective, inheritable, permitted);
+ return cap_capset_check(task, effective, inheritable, permitted);
}
-static void apparmor_capset_set(struct task_struct *target,
+static void apparmor_capset_set(struct task_struct *task,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- cap_capset_set(target, effective, inheritable, permitted);
+ cap_capset_set(task, effective, inheritable, permitted);
}
-static int apparmor_capable(struct task_struct *tsk, int cap)
+static int apparmor_capable(struct task_struct *task, int cap)
{
int error;
/* cap_capable returns 0 on success, else -EPERM */
- error = cap_capable(tsk, cap);
+ error = cap_capable(task, cap);
if (!error) {
struct aa_profile *profile;
- profile = aa_get_profile(tsk);
+ profile = aa_get_profile(task);
if (profile)
error = aa_capability(profile, cap);
@@ -480,14 +480,14 @@ static int apparmor_file_mprotect(struct
!(vma->vm_flags & VM_SHARED) ? MAP_PRIVATE : 0);
}
-static int apparmor_task_alloc_security(struct task_struct *p)
+static int apparmor_task_alloc_security(struct task_struct *task)
{
- return aa_fork(p);
+ return aa_fork(task);
}
-static void apparmor_task_free_security(struct task_struct *p)
+static void apparmor_task_free_security(struct task_struct *task)
{
- aa_release(p);
+ aa_release(task);
}
static int apparmor_task_post_setuid(uid_t id0, uid_t id1, uid_t id2,
@@ -496,13 +496,13 @@ static int apparmor_task_post_setuid(uid
return cap_task_post_setuid(id0, id1, id2, flags);
}
-static void apparmor_task_reparent_to_init(struct task_struct *p)
+static void apparmor_task_reparent_to_init(struct task_struct *task)
{
- cap_task_reparent_to_init(p);
+ cap_task_reparent_to_init(task);
}
-static int apparmor_getprocattr(struct task_struct *p, char *name, void *value,
- size_t size)
+static int apparmor_getprocattr(struct task_struct *task, char *name,
+ void *value, size_t size)
{
int error;
struct aa_profile *profile;
@@ -515,12 +515,12 @@ static int apparmor_getprocattr(struct t
}
/* must be task querying itself or admin */
- if (current != p && !capable(CAP_SYS_ADMIN)) {
+ if (current != task && !capable(CAP_SYS_ADMIN)) {
error = -EPERM;
goto out;
}
- profile = aa_get_profile(p);
+ profile = aa_get_profile(task);
error = aa_getprocattr(profile, str, size);
aa_put_profile(profile);
@@ -528,8 +528,8 @@ out:
return error;
}
-static int apparmor_setprocattr(struct task_struct *p, char *name, void *value,
- size_t size)
+static int apparmor_setprocattr(struct task_struct *task, char *name,
+ void *value, size_t size)
{
const char *cmd_changehat = "changehat ",
*cmd_setprofile = "setprofile ";
@@ -551,15 +551,15 @@ static int apparmor_setprocattr(struct t
size_t infosize = size - strlen(cmd_changehat);
/* Only the current process may change it's hat */
- if (current != p) {
+ if (current != task) {
AA_WARN("%s: Attempt by foreign task %s(%d) "
"[user %d] to changehat of task %s(%d)\n",
__FUNCTION__,
current->comm,
current->pid,
current->uid,
- p->comm,
- p->pid);
+ task->comm,
+ task->pid);
error = -EACCES;
goto out;
@@ -585,8 +585,8 @@ static int apparmor_setprocattr(struct t
current->comm,
current->pid,
current->uid,
- p->comm,
- p->pid);
+ task->comm,
+ task->pid);
error = -EACCES;
goto out;
}
@@ -596,7 +596,7 @@ static int apparmor_setprocattr(struct t
char *profile = cmd + strlen(cmd_setprofile);
size_t profilesize = size - strlen(cmd_setprofile);
- error = aa_setprocattr_setprofile(p, profile, profilesize);
+ error = aa_setprocattr_setprofile(task, profile, profilesize);
if (!error)
/* success,
* set return to #bytes in orig request
@@ -609,8 +609,8 @@ static int apparmor_setprocattr(struct t
current->comm,
current->pid,
current->uid,
- p->comm,
- p->pid);
+ task->comm,
+ task->pid);
error = -EACCES;
}
@@ -625,8 +625,8 @@ static int apparmor_setprocattr(struct t
current->comm,
current->pid,
current->uid,
- p->comm,
- p->pid);
+ task->comm,
+ task->pid);
error = -EINVAL;
}
Index: b/security/apparmor/main.c
===================================================================
--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -725,9 +725,9 @@ int aa_link(struct aa_profile *profile,
/**
* aa_fork - create a new aa_task_context
- * @p: new process
+ * @task: new process
*
- * Create a new aa_task_context for newly created process @p if it's parent
+ * Create a new aa_task_context for newly created process @task if it's parent
* is already confined. Otherwise a aa_task_context will be lazily allocated
* will get one with NULL values. Return 0 on sucess.
* for the child if it subsequently execs (in aa_register).
@@ -737,7 +737,7 @@ int aa_link(struct aa_profile *profile,
* replacement/removal.
*/
-int aa_fork(struct task_struct *p)
+int aa_fork(struct task_struct *task)
{
struct aa_task_context *cxt = aa_task_context(current);
struct aa_task_context *newcxt = NULL;
@@ -747,7 +747,7 @@ int aa_fork(struct task_struct *p)
if (cxt && cxt->profile) {
unsigned long flags;
- newcxt = alloc_aa_task_context(p);
+ newcxt = alloc_aa_task_context(task);
/* FIXME: The alloc above is a blocking operation, so
* cxt->profile may have vanished by now.
@@ -773,9 +773,9 @@ int aa_fork(struct task_struct *p)
cxt->profile == null_complain_profile)
LOG_HINT(cxt->profile, GFP_KERNEL, HINT_FORK,
"pid=%d child=%d\n",
- current->pid, p->pid);
+ current->pid, task->pid);
}
- p->security = newcxt;
+ task->security = newcxt;
return 0;
}
@@ -1063,10 +1063,10 @@ out:
/**
* aa_release - release the task's aa_task_context
- * @p: task being released
+ * @task: task being released
*
* This is called after a task has exited and the parent has reaped it.
- * @p->security blob is freed.
+ * @task->security blob is freed.
*
* This is the one case where we don't need to hold the cxt_lock before
* removing a profile from a aa_task_context. Once the aa_task_context has
@@ -1074,11 +1074,11 @@ out:
* writers. There may still be other readers so we must still use
* aa_switch_to_profile to put the aa_task_context's reference safely.
*/
-void aa_release(struct task_struct *p)
+void aa_release(struct task_struct *task)
{
- struct aa_task_context *cxt = aa_task_context(p);
+ struct aa_task_context *cxt = aa_task_context(task);
if (cxt) {
- p->security = NULL;
+ task->security = NULL;
aa_task_context_list_remove(cxt);
aa_switch_to_profile(cxt, NULL, 0);
Index: b/security/apparmor/procattr.c
===================================================================
--- a/security/apparmor/procattr.c
+++ b/security/apparmor/procattr.c
@@ -171,7 +171,7 @@ out:
return error;
}
-int aa_setprocattr_setprofile(struct task_struct *p, char *profilename,
+int aa_setprocattr_setprofile(struct task_struct *task, char *profilename,
size_t profilesize)
{
int error = -EINVAL;
@@ -213,7 +213,7 @@ int aa_setprocattr_setprofile(struct tas
AA_WARN("%s: Unable to switch task %s(%d) to profile"
"'%s'. No such profile.\n",
__FUNCTION__,
- p->comm, p->pid,
+ task->comm, task->pid,
name);
error = -EINVAL;
@@ -223,7 +223,7 @@ int aa_setprocattr_setprofile(struct tas
spin_lock_irqsave(&cxt_lock, flags);
- cxt = aa_task_context(p);
+ cxt = aa_task_context(task);
/* switch to unconstrained */
if (!profile) {
@@ -231,7 +231,7 @@ int aa_setprocattr_setprofile(struct tas
AA_WARN("%s: Unconstraining task %s(%d) "
"profile %s hat %s\n",
__FUNCTION__,
- p->comm, p->pid,
+ task->comm, task->pid,
BASE_PROFILE(cxt->profile)->name,
cxt->profile->name);
@@ -239,7 +239,7 @@ int aa_setprocattr_setprofile(struct tas
} else {
AA_WARN("%s: task %s(%d) "
"is already unconstrained\n",
- __FUNCTION__, p->comm, p->pid);
+ __FUNCTION__, task->comm, task->pid);
}
} else {
if (!cxt) {
@@ -247,18 +247,18 @@ int aa_setprocattr_setprofile(struct tas
* loaded, allocate a aa_task_context
*/
AA_WARN("%s: task %s(%d) has no aa_task_context\n",
- __FUNCTION__, p->comm, p->pid);
+ __FUNCTION__, task->comm, task->pid);
/* unlock so we can safely GFP_KERNEL */
spin_unlock_irqrestore(&cxt_lock, flags);
- cxt = alloc_aa_task_context(p);
+ cxt = alloc_aa_task_context(task);
if (!cxt) {
AA_WARN("%s: Unable to allocate "
"aa_task_context for task %s(%d). "
"Cannot confine task to profile %s\n",
__FUNCTION__,
- p->comm, p->pid,
+ task->comm, task->pid,
name);
error = -ENOMEM;
@@ -268,11 +268,11 @@ int aa_setprocattr_setprofile(struct tas
}
spin_lock_irqsave(&cxt_lock, flags);
- if (!aa_task_context(p)) {
- p->security = cxt;
+ if (!aa_task_context(task)) {
+ task->security = cxt;
} else { /* race */
free_aa_task_context(cxt);
- cxt = aa_task_context(p);
+ cxt = aa_task_context(task);
}
}
@@ -302,7 +302,7 @@ int aa_setprocattr_setprofile(struct tas
AA_WARN("%s: Switching task %s(%d) "
"profile %s hat %s to new profile %s\n",
__FUNCTION__,
- p->comm, p->pid,
+ task->comm, task->pid,
cxt->profile ? BASE_PROFILE(cxt->profile)->name :
"unconstrained",
cxt->profile ? cxt->profile->name : "unconstrained",

6
kernel-patches/for-mainline/series
View File

@@ -50,8 +50,12 @@ replace-activeptr.diff
fix-capabilities.diff
comment-wrong.diff
aa_switch.diff
active-really-is-a-profile.diff
rename-aa_task_context-active.diff
rename-put_aa_profile.diff
rename-task_struct-vars.diff
rename-ctx-to-cxt.diff
d_namespace_path.diff
apparmor-d_namespace.diff
# fix-change_hat.diff
# apparmor-percpu_path_cache.diff
# apparmor-path_resize.diff