9133493a | 09-Nov-2024 |
John Johansen <john.johansen@canonical.com> |
parser: drop dead code for XXX_comb macros
The macros for label combination XXX_comb are no longer used and there are no plans to use them so remove the dead code.
Signed-off-by: John Johansen <joh
parser: drop dead code for XXX_comb macros
The macros for label combination XXX_comb are no longer used and there are no plans to use them so remove the dead code.
Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
21155176 | 02-Sep-2024 |
Jinjie Ruan <ruanjinjie@huawei.com> |
apparmor: Remove unused parameter L1 in macro next_comb
In the macro definition of next_comb(), a parameter L1 is accepted, but it is not used. Hence, it should be removed.
Signed-off-by: Jinjie Ru
apparmor: Remove unused parameter L1 in macro next_comb
In the macro definition of next_comb(), a parameter L1 is accepted, but it is not used. Hence, it should be removed.
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
75535669 | 21-Sep-2024 |
Dr. David Alan Gilbert <linux@treblig.org> |
apparmor: Remove deadcode
aa_label_audit, aa_label_find, aa_label_seq_print and aa_update_label_name were added by commit f1bd904175e8 ("apparmor: add the base fns() for domain labels") but never us
apparmor: Remove deadcode
aa_label_audit, aa_label_find, aa_label_seq_print and aa_update_label_name were added by commit f1bd904175e8 ("apparmor: add the base fns() for domain labels") but never used.
aa_profile_label_perm was added by commit 637f688dc3dc ("apparmor: switch from profiles to using labels on contexts") but never used.
aa_secid_update was added by commit c092921219d2 ("apparmor: add support for mapping secids and using secctxes") but never used.
aa_split_fqname has been unused since commit 3664268f19ea ("apparmor: add namespace lookup fns()")
aa_lookup_profile has been unused since commit 93c98a484c49 ("apparmor: move exec domain mediation to using labels")
aa_audit_perms_cb was only used by aa_profile_label_perm (see above).
All of these commits are from around 2017.
Remove them.
Signed-off-by: Dr. David Alan Gilbert <linux@treblig.org> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
157a3537 | 10-Sep-2023 |
John Johansen <john.johansen@canonical.com> |
apparmor: Fix regression in mount mediation
commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
introduced a new move_mount(2) system call and a corresponding new LSM secu
apparmor: Fix regression in mount mediation
commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
introduced a new move_mount(2) system call and a corresponding new LSM security_move_mount hook but did not implement this hook for any existing LSM. This creates a regression for AppArmor mediation of mount. This patch provides a base mapping of the move_mount syscall to the existing mount mediation. In the future we may introduce additional mediations around the new mount calls.
Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around") CC: stable@vger.kernel.org Reported-by: Andreas Steinmetz <anstein99@googlemail.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
c4371d90 | 20-Mar-2023 |
Georgia Garcia <georgia.garcia@canonical.com> |
apparmor: add io_uring mediation
For now, the io_uring mediation is limited to sqpoll and override_creds.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <
apparmor: add io_uring mediation
For now, the io_uring mediation is limited to sqpoll and override_creds.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
fa9b63ad | 10-Sep-2022 |
John Johansen <john.johansen@canonical.com> |
apparmor: add user namespace creation mediation
Unprivileged user namespace creation is often used as a first step in privilege escalation attacks. Instead of disabling it at the sysrq level, which
apparmor: add user namespace creation mediation
Unprivileged user namespace creation is often used as a first step in privilege escalation attacks. Instead of disabling it at the sysrq level, which blocks its legitimate use as for setting up a sandbox, allow control on a per domain basis.
This allows an admin to quickly lock down a system while also still allowing legitimate use.
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
2d9da9b1 | 09-Aug-2023 |
John Johansen <john.johansen@canonical.com> |
apparmor: allow restricting unprivileged change_profile
unprivileged unconfined can use change_profile to alter the confinement set by the mac admin.
Allow restricting unprivileged unconfined by st
apparmor: allow restricting unprivileged change_profile
unprivileged unconfined can use change_profile to alter the confinement set by the mac admin.
Allow restricting unprivileged unconfined by still allowing change_profile but stacking the change against unconfined. This allows unconfined to still apply system policy but allows the task to enter the new confinement.
If unprivileged unconfined is required a sysctl is provided to switch to the previous behavior.
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
98b824ff | 28-Apr-2023 |
John Johansen <john.johansen@canonical.com> |
apparmor: refcount the pdb
With the move to permission tables the dfa is no longer a stand alone entity when used, needing a minimum of a permission table. However it still could be shared among dif
apparmor: refcount the pdb
With the move to permission tables the dfa is no longer a stand alone entity when used, needing a minimum of a permission table. However it still could be shared among different pdbs each using a different permission table.
Instead of duping the permission table when sharing a pdb, add a refcount to the pdb so it can be easily shared.
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
79ddd4a7 | 06-Mar-2023 |
John Johansen <john.johansen@canonical.com> |
apparmor: rename SK_CTX() to aa_sock and make it an inline fn
In preparation for LSM stacking rework the macro to an inline fn
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-
apparmor: rename SK_CTX() to aa_sock and make it an inline fn
In preparation for LSM stacking rework the macro to an inline fn
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
fee5304a | 10-Aug-2023 |
Xiu Jianfeng <xiujianfeng@huawei.com> |
apparmor: remove unused functions in policy_ns.c/.h
These functions are not used now, remove them.
Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: John Johansen <john.johansen@c
apparmor: remove unused functions in policy_ns.c/.h
These functions are not used now, remove them.
Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
efea5b0d | 07-Aug-2023 |
GONG, Ruiqi <gongruiqi1@huawei.com> |
apparmor: remove unused PROF_* macros
The last usage of PROF_{ADD,REPLACE} were removed by commit 18e99f191a8e ("apparmor: provide finer control over policy management"). So remove these two unused
apparmor: remove unused PROF_* macros
The last usage of PROF_{ADD,REPLACE} were removed by commit 18e99f191a8e ("apparmor: provide finer control over policy management"). So remove these two unused macros.
Signed-off-by: GONG, Ruiqi <gongruiqi1@huawei.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
980a5808 | 25-Jul-2023 |
Xiu Jianfeng <xiujianfeng@huawei.com> |
apparmor: cleanup unused functions in file.h
After changes in commit 33bf60cabcc7 ("LSM: Infrastructure management of the file security"), aa_alloc_file_ctx() and aa_free_file_ctx() are no longer us
apparmor: cleanup unused functions in file.h
After changes in commit 33bf60cabcc7 ("LSM: Infrastructure management of the file security"), aa_alloc_file_ctx() and aa_free_file_ctx() are no longer used, so remove them, and also remove aa_get_file_label() because it seems that it's never been used before.
Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|
8de4a7de | 31-May-2023 |
GONG, Ruiqi <gongruiqi@huaweicloud.com> |
apparmor: remove unused macro
SOCK_ctx() doesn't seem to be used anywhere in the code, so remove it.
Signed-off-by: GONG, Ruiqi <gongruiqi@huaweicloud.com> Signed-off-by: John Johansen <john.johans
apparmor: remove unused macro
SOCK_ctx() doesn't seem to be used anywhere in the code, so remove it.
Signed-off-by: GONG, Ruiqi <gongruiqi@huaweicloud.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
show more ...
|