<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/security/apparmor/path.c, branch linux-3.12.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>apparmor: internal paths should be treated as disconnected</title>
<updated>2017-01-27T10:16:08+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2014-07-25T11:02:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=d310760cc000323f0eab566f2f112819b06efc4e'/>
<id>d310760cc000323f0eab566f2f112819b06efc4e</id>
<content type='text'>
commit bd35db8b8ca6e27fc17a9057ef78e1ddfc0de351 upstream.

Internal mounts are not mounted anywhere and as such should be treated
as disconnected paths.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit bd35db8b8ca6e27fc17a9057ef78e1ddfc0de351 upstream.

Internal mounts are not mounted anywhere and as such should be treated
as disconnected paths.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix disconnected bind mnts reconnection</title>
<updated>2017-01-27T10:16:08+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2014-07-25T11:02:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=393776e08a7d128a7eda2043b313299566344ea0'/>
<id>393776e08a7d128a7eda2043b313299566344ea0</id>
<content type='text'>
commit f2e561d190da7ff5ee265fa460e2d7f753dddfda upstream.

Bind mounts can fail to be properly reconnected when PATH_CONNECT is
specified. Ensure that when PATH_CONNECT is specified the path has
a root.

BugLink: http://bugs.launchpad.net/bugs/1319984

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit f2e561d190da7ff5ee265fa460e2d7f753dddfda upstream.

Bind mounts can fail to be properly reconnected when PATH_CONNECT is
specified. Ensure that when PATH_CONNECT is specified the path has
a root.

BugLink: http://bugs.launchpad.net/bugs/1319984

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix error code to failure message mapping for name lookup</title>
<updated>2013-04-28T07:35:40+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-02-19T00:02:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e573cc30bb36df23fb49a29d96e6c6333d17f59c'/>
<id>e573cc30bb36df23fb49a29d96e6c6333d17f59c</id>
<content type='text'>
-ESTALE used to be incorrectly used to indicate a disconnected path, when
name lookup failed.  This was fixed in commit e1b0e444 to correctly return
-EACCES, but the error to failure message mapping was not correctly updated
to reflect this change.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Steve Beattie &lt;sbeattie@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
-ESTALE used to be incorrectly used to indicate a disconnected path, when
name lookup failed.  This was fixed in commit e1b0e444 to correctly return
-EACCES, but the error to failure message mapping was not correctly updated
to reflect this change.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Steve Beattie &lt;sbeattie@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix long path failure due to disconnected path</title>
<updated>2012-05-18T18:09:52+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-05-16T18:01:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=cffee16e8b997ab947de661e8820e486b0830c94'/>
<id>cffee16e8b997ab947de661e8820e486b0830c94</id>
<content type='text'>
BugLink: http://bugs.launchpad.net/bugs/955892

All failures from __d_path were being treated as disconnected paths,
however __d_path can also fail when the generated pathname is too long.

The initial ENAMETOOLONG error was being lost, and ENAMETOOLONG was only
returned if the subsequent dentry_path call resulted in that error.  Other
wise if the path was split across a mount point such that the dentry_path
fit within the buffer when the __d_path did not the failure was treated
as a disconnected path.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
BugLink: http://bugs.launchpad.net/bugs/955892

All failures from __d_path were being treated as disconnected paths,
however __d_path can also fail when the generated pathname is too long.

The initial ENAMETOOLONG error was being lost, and ENAMETOOLONG was only
returned if the subsequent dentry_path call resulted in that error.  Other
wise if the path was split across a mount point such that the dentry_path
fit within the buffer when the __d_path did not the failure was treated
as a disconnected path.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Move path failure information into aa_get_name and rename</title>
<updated>2012-03-14T13:15:25+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-02-16T14:20:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=57fa1e18091e66b7e1002816523cb218196a882e'/>
<id>57fa1e18091e66b7e1002816523cb218196a882e</id>
<content type='text'>
Move the path name lookup failure messages into the main path name lookup
routine, as the information is useful in more than just aa_path_perm.

Also rename aa_get_name to aa_path_name as it is not getting a reference
counted object with a corresponding put fn.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Move the path name lookup failure messages into the main path name lookup
routine, as the information is useful in more than just aa_path_perm.

Also rename aa_get_name to aa_path_name as it is not getting a reference
counted object with a corresponding put fn.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Minor cleanup of d_namespace_path to consolidate error handling</title>
<updated>2012-03-14T13:15:23+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-02-16T14:32:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=3372b68a3c982611dcc30b3c872f8bbdee019e5e'/>
<id>3372b68a3c982611dcc30b3c872f8bbdee019e5e</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Retrieve the dentry_path for error reporting when path lookup fails</title>
<updated>2012-03-14T13:15:22+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-02-16T14:28:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=fbba8d89acea5d628d1d076b1d8962db438ff832'/>
<id>fbba8d89acea5d628d1d076b1d8962db438ff832</id>
<content type='text'>
When __d_path and d_absolute_path fail due to the name being outside of
the current namespace no name is reported.  Use dentry_path to provide
some hint as to which file was being accessed.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When __d_path and d_absolute_path fail due to the name being outside of
the current namespace no name is reported.  Use dentry_path to provide
some hint as to which file was being accessed.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Fix error returned when a path lookup is disconnected</title>
<updated>2012-03-14T13:14:52+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-03-10T19:19:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ef9a762279c9ce98c592fb144b31898411feb94d'/>
<id>ef9a762279c9ce98c592fb144b31898411feb94d</id>
<content type='text'>
The returning of -ESTALE when a path lookup fails as disconnected is wrong.
Since AppArmor is rejecting the access, return -EACCES instead.

This also fixes a bug in complain (learning) mode where disconnected paths
are denied because -ESTALE errors are not ignored causing failures that
can change application behavior.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The returning of -ESTALE when a path lookup fails as disconnected is wrong.
Since AppArmor is rejecting the access, return -EACCES instead.

This also fixes a bug in complain (learning) mode where disconnected paths
are denied because -ESTALE errors are not ignored causing failures that
can change application behavior.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Fix the error case for chroot relative path name lookup</title>
<updated>2012-02-27T19:38:23+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2012-02-16T14:21:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=28042fabf43b9a8ccfaa38f8c8187cc525e53fd3'/>
<id>28042fabf43b9a8ccfaa38f8c8187cc525e53fd3</id>
<content type='text'>
When a chroot relative pathname lookup fails it is falling through to
do a d_absolute_path lookup.  This is incorrect as d_absolute_path should
only be used to look up names for namespace absolute paths.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When a chroot relative pathname lookup fails it is falling through to
do a d_absolute_path lookup.  This is incorrect as d_absolute_path should
only be used to look up names for namespace absolute paths.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Kees Cook &lt;kees@ubuntu.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>btrfs, nfs, apparmor: don't pull mnt_namespace.h for no reason...</title>
<updated>2012-01-04T03:52:38+00:00</updated>
<author>
<name>Al Viro</name>
<email>viro@zeniv.linux.org.uk</email>
</author>
<published>2011-11-25T01:14:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e407699ef56ed948739dd57a5578ba8cb5bd81b2'/>
<id>e407699ef56ed948739dd57a5578ba8cb5bd81b2</id>
<content type='text'>
it's not needed anymore; we used to, back when we had to do
mount_subtree() by hand, complete with put_mnt_ns() in it.
No more...  Apparmor didn't need it since the __d_path() fix.

Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
it's not needed anymore; we used to, back when we had to do
mount_subtree() by hand, complete with put_mnt_ns() in it.
No more...  Apparmor didn't need it since the __d_path() fix.

Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</pre>
</div>
</content>
</entry>
</feed>
