Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1756000Ab2B0WXy (ORCPT <rfc822;w@1wt.eu>);
	Mon, 27 Feb 2012 17:23:54 -0500
Received: from youngberry.canonical.com ([91.189.89.112]:38803 "EHLO
	youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755926Ab2B0WXw (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 27 Feb 2012 17:23:52 -0500
From: John Johansen <john.johansen@canonical.com>
To: linux-kernel@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Subject: [PATCH 5/7] AppArmor: Make chroot relative the default path lookup type
Date: Mon, 27 Feb 2012 14:23:15 -0800
Message-Id: <1330381397-5352-6-git-send-email-john.johansen@canonical.com>
X-Mailer: git-send-email 1.7.9
In-Reply-To: <1330381397-5352-1-git-send-email-john.johansen@canonical.com>
References: <1330381397-5352-1-git-send-email-john.johansen@canonical.com>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2439
Lines: 65

Profiles that want name lookup past the chroot to the namespace root
must be marked as such, all other profiles should be chroot relative.

Currently the autogenerated null (learning), and unconfined  profiles are
not marked as such. Make sure they are properly flagged. This should not
affect behavior except for auto-generated profiles when a chroot is entered.
Profiles loaded from userspace will not be affected as they provide their
own value for the flag.

This change does not affect mediation as it only changes the path reported by
the unconfined (none mediating), an null learning profiles.

Also ensure that if a profile is ever loaded with out path flags set, that
it defaults to being chroot relative.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
---
 security/apparmor/policy.c        |    3 +++
 security/apparmor/policy_unpack.c |    3 ++-
 2 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 4f0eade..537e5dc 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -655,6 +655,9 @@ struct aa_profile *aa_alloc_profile(const char *hname)
 		return NULL;
 	}
 
+	/* default to chroot relative paths */
+	profile->path_flags = PATH_CHROOT_REL;
+
 	/* refcount released by caller */
 	return profile;
 }
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 5c46acf..6137b10 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -25,6 +25,7 @@
 #include "include/audit.h"
 #include "include/context.h"
 #include "include/match.h"
+#include "include/path.h"
 #include "include/policy.h"
 #include "include/policy_unpack.h"
 #include "include/sid.h"
@@ -523,7 +524,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
 		profile->path_flags |= profile->flags & PFLAG_MEDIATE_DELETED;
 	else
 		/* set a default value if path_flags field is not present */
-		profile->path_flags = PFLAG_MEDIATE_DELETED;
+		profile->path_flags = PFLAG_MEDIATE_DELETED | PATH_CHROOT_REL;
 
 	if (!unpack_u32(e, &(profile->caps.allow.cap[0]), NULL))
 		goto fail;
-- 
1.7.9

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/