Received: by 2002:a05:6358:5282:b0:b5:90e7:25cb with SMTP id g2csp3403904rwa; Tue, 23 Aug 2022 04:19:43 -0700 (PDT) X-Google-Smtp-Source: AA6agR7QW2QIf7QVDTbXDB/aYzIoUUQUDp/YjP/GjKPNHzFSkh3R6BMuORCZ70zCcjObCW+1Dbo2 X-Received: by 2002:a63:1ce:0:b0:41c:6c25:5ae with SMTP id 197-20020a6301ce000000b0041c6c2505aemr20297293pgb.155.1661253583246; Tue, 23 Aug 2022 04:19:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1661253583; cv=none; d=google.com; s=arc-20160816; b=BGvFpZeeQ0sAvAUK/mSfUOQ0nHJqrxcEa/Ky56OXHhT40gD0Tf3UsVzWjR6sI4DkY4 kkdRUSMw9klP6A6GYCxGwsykf3OEur3s/zc+SwKtiuiynCN4B5P+TPdu1JNqGmopAsBZ ERrEODuJk6zWKeXhZictbxL4E6fDJi9rp+z/aeZ7dOXViOaaUBfDNRt3+HK1BOS7t+sX h0vtlzS3sQdGsj76T6wZpJL3U103hdsBtnE5Lu0W0zsFZOgFEwTWazODkz08bX2ad/zF JQgwXd4y5Rd21StR8dbOs82QPMv89J3p1/2kheGCxtnSEbSAUIgwihJip444dBhH80xR 0QJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=GScICn5PhTTujNuDa5QBiDJCtApkWn75h/uGTicrlpk=; b=nJd2HQmHZi/O7EMuvPXYlYPTa00HuDW0aQZ2WuaLTr7o6yLi28UBM4GeecCB3t+tP1 Eopp8eJkLCQAwRCloDOHgRAwZ9NdBUhCON47xmhj3feq7mEM6INwElEY63lwm4DVr76j 0eF3bETNl3SIjA01lCdtinrLHnUEnmBCPU1kXtOqo3EkZC2Inx9GTj+F/vnxpWQ0UpqN KvwDTBt8tU+ix4Y30GYsJwmGIowpuLqPKbUK1rHR369cLcKuXbP9qZqbK8sTXgzJLwJC X2ztHWrasoCkCMPo30GfiKiRPUToJf1WHNGLGcp4vSi0BdNxgmn1ndPTs7T3TTO+yzPf mh1A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U6Y1VTSU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mw13-20020a17090b4d0d00b001f1e9e2933asi16937879pjb.177.2022.08.23.04.19.31; Tue, 23 Aug 2022 04:19:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U6Y1VTSU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243169AbiHWJm7 (ORCPT + 99 others); Tue, 23 Aug 2022 05:42:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34884 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351825AbiHWJkd (ORCPT ); Tue, 23 Aug 2022 05:40:33 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8EB7979605; Tue, 23 Aug 2022 01:41:30 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 16C3A61446; Tue, 23 Aug 2022 08:40:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1D2CEC433C1; Tue, 23 Aug 2022 08:40:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1661244044; bh=+BJTvkYDRr0aE4L6o5TNcyJvj52o/Lx/16ryarOswAU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=U6Y1VTSUWlWltHkwK01XEe4aav+4MoN7rejQPgVPN2s/z4Piu7e3M0KrDnpSyPi7I 6yEoTFoOJJCZuszPXryVyrIG0+YPMoEL61BPAfb1rYKjIQ7OvkDv1WIHV455FFMO5s XFdY28BS98j9H0DL58gCaWXTxa/iy2X55a2tfr9c= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, John Johansen Subject: [PATCH 5.15 028/244] apparmor: fix quiet_denied for file rules Date: Tue, 23 Aug 2022 10:23:07 +0200 Message-Id: <20220823080059.994254834@linuxfoundation.org> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20220823080059.091088642@linuxfoundation.org> References: <20220823080059.091088642@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: John Johansen commit 68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c upstream. Global quieting of denied AppArmor generated file events is not handled correctly. Unfortunately the is checking if quieting of all audit events is set instead of just denied events. Fixes: 67012e8209df ("AppArmor: basic auditing infrastructure.") Signed-off-by: John Johansen Signed-off-by: Greg Kroah-Hartman --- security/apparmor/audit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -137,7 +137,7 @@ int aa_audit(int type, struct aa_profile } if (AUDIT_MODE(profile) == AUDIT_QUIET || (type == AUDIT_APPARMOR_DENIED && - AUDIT_MODE(profile) == AUDIT_QUIET)) + AUDIT_MODE(profile) == AUDIT_QUIET_DENIED)) return aad(sa)->error; if (KILL_MODE(profile) && type == AUDIT_APPARMOR_DENIED)