Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v5.5 2019-06-05T15:37:17Z 2019-06-05T15:37:17Z Thomas Gleixner tglx@linutronix.de 2019-06-01T08:08:55Z urn:sha1:b886d83c5b621abc84ff9616f14c529be3f6b147 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation version 2 of the license extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 315 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Armijn Hemel <armijn@tjaldur.nl> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190531190115.503150771@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-02-01T04:00:15Z Richard Guy Briggs rgb@redhat.com 2019-01-31T16:52:11Z urn:sha1:90462a5bd30c6ed91c6758e59537d047d7878ff9 The audit_rule_match() struct audit_context *actx parameter is not used by any in-tree consumers (selinux, apparmour, integrity, smack). The audit context is an internal audit structure that should only be accessed by audit accessor functions. It was part of commit 03d37d25e0f9 ("LSM/Audit: Introduce generic Audit LSM hooks") but appears to have never been used. Remove it. Please see the github issue https://github.com/linux-audit/audit-kernel/issues/107 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [PM: fixed the referenced commit title] Signed-off-by: Paul Moore <paul@paul-moore.com> 2018-06-07T08:50:48Z Tyler Hicks tyhicks@canonical.com 2018-05-17T19:53:45Z urn:sha1:52e8c38001d8ef0ca07ef428e480cd4a35e46abf Currently on the error exit path the allocated rule is not free'd causing a memory leak. Fix this by calling aa_audit_rule_free(). Detected by CoverityScan, CID#1468966 ("Resource leaks") Fixes: cb740f574c7b ("apparmor: modify audit rule support to support profile stacks") Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2018-06-07T08:50:48Z John Johansen john.johansen@canonical.com 2018-05-03T07:39:58Z urn:sha1:2ab47dae54d567bbb1ad3e96e5b2601cc13f4d2b Allows for audit rules, where a rule could specify a profile stack A//&B, while extending the current semantic so if the label specified in the audit rule is a subset of the secid it is considered a match. Eg. if the secid resolves to the label stack A//&B//&C Then an audit rule specifying a label of A - would match B - would match C - would match D - would not A//&B - would match as a subset A//&C - would match as a subset B//&C - would match as a subset A//&B//&C - would match A//&D - would not match, because while A does match, D is also specified and does not Note: audit rules are currently assumed to be coming from the root namespace. Signed-off-by: John Johansen <john.johansen@canonical.com> 2018-06-07T08:50:47Z Matthew Garrett mjg59@google.com 2018-04-16T18:23:58Z urn:sha1:e79c26d04043b15de64f082d4da52e9fff7ca607 This patch adds support to Apparmor for integrating with audit rule filtering. Right now it only handles SUBJ_ROLE, interpreting it as a single component of a label. This is sufficient to get Apparmor working with IMA's appraisal rules without any modifications on the IMA side. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-06-11T00:11:38Z John Johansen john.johansen@canonical.com 2017-06-09T15:14:28Z urn:sha1:637f688dc3dc304a89f441d76f49a0e35bc49c08 Begin the actual switch to using domain labels by storing them on the context and converting the label to a singular profile where possible. Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-01-16T09:18:56Z John Johansen john.johansen@canonical.com 2017-01-16T08:43:15Z urn:sha1:e6bfa25deb5096c05a08f01e4d6a436dd331fa88 AA_BUG() uses WARN and won't break the kernel like BUG_ON(). Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-01-16T09:18:47Z John Johansen john.johansen@canonical.com 2017-01-16T08:43:02Z urn:sha1:ef88a7ac55fdd3bf6ac3942b83aa29311b45339b The aad macro can replace aad strings when it is not intended to. Switch to a fn macro so it is only applied when intended. Also at the same time cleanup audit_data initialization by putting common boiler plate behind a macro, and dropping the gfp_t parameter which will become useless. Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-01-16T09:18:46Z John Johansen john.johansen@canonical.com 2017-01-16T08:43:01Z urn:sha1:47f6e5cc7355e4ff2fd7ace919aa9e291077c26b Having ops be an integer that is an index into an op name table is awkward and brittle. Every op change requires an edit for both the op constant and a string in the table. Instead switch to using const strings directly, eliminating the need for the table that needs to be kept in sync. Signed-off-by: John Johansen <john.johansen@canonical.com> 2017-01-16T08:42:15Z John Johansen john.johansen@canonical.com 2017-01-16T08:42:15Z urn:sha1:cff281f6861e72f1416927aaa0c10a08bb7b2d3f Policy namespaces will be diverging from profile management and expanding so put it in its own file. Signed-off-by: John Johansen <john.johansen@canonical.com>