<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/security/apparmor/include/cred.h, branch v5.1</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>Infrastructure management of the cred security blob</title>
<updated>2019-01-08T21:18:44+00:00</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2018-11-12T17:30:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=bbd3662a834813730912a58efb44dd6df6d952e6'/>
<id>bbd3662a834813730912a58efb44dd6df6d952e6</id>
<content type='text'>
Move management of the cred security blob out of the
security modules and into the security infrastructre.
Instead of allocating and freeing space the security
modules tell the infrastructure how much space they
require.

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Move management of the cred security blob out of the
security modules and into the security infrastructre.
Instead of allocating and freeing space the security
modules tell the infrastructure how much space they
require.

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: Abstract use of cred security blob</title>
<updated>2019-01-08T21:18:44+00:00</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2018-09-22T00:17:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=69b5a44a95bb86f3ad8a50bf2e354057ec450082'/>
<id>69b5a44a95bb86f3ad8a50bf2e354057ec450082</id>
<content type='text'>
Don't use the cred-&gt;security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Don't use the cred-&gt;security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: don't try to replace stale label in ptrace access check</title>
<updated>2018-09-13T16:44:56+00:00</updated>
<author>
<name>Jann Horn</name>
<email>jannh@google.com</email>
</author>
<published>2018-09-13T16:12:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1f8266ff58840d698a1e96d2274189de1bdf7969'/>
<id>1f8266ff58840d698a1e96d2274189de1bdf7969</id>
<content type='text'>
As a comment above begin_current_label_crit_section() explains,
begin_current_label_crit_section() must run in sleepable context because
when label_is_stale() is true, aa_replace_current_label() runs, which uses
prepare_creds(), which can sleep.
Until now, the ptrace access check (which runs with a task lock held)
violated this rule.

Also add a might_sleep() assertion to begin_current_label_crit_section(),
because asserts are less likely to be ignored than comments.

Fixes: b2d09ae449ced ("apparmor: move ptrace checks to using labels")
Signed-off-by: Jann Horn &lt;jannh@google.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
As a comment above begin_current_label_crit_section() explains,
begin_current_label_crit_section() must run in sleepable context because
when label_is_stale() is true, aa_replace_current_label() runs, which uses
prepare_creds(), which can sleep.
Until now, the ptrace access check (which runs with a task lock held)
violated this rule.

Also add a might_sleep() assertion to begin_current_label_crit_section(),
because asserts are less likely to be ignored than comments.

Fixes: b2d09ae449ced ("apparmor: move ptrace checks to using labels")
Signed-off-by: Jann Horn &lt;jannh@google.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: move context.h to cred.h</title>
<updated>2018-02-09T19:30:01+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-10-11T08:04:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=d8889d49e414b371eb235c08c3a759ab3e0cfa51'/>
<id>d8889d49e414b371eb235c08c3a759ab3e0cfa51</id>
<content type='text'>
Now that file contexts have been moved into file, and task context
fns() and data have been split from the context, only the cred context
remains in context.h so rename to cred.h to better reflect what it
deals with.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Now that file contexts have been moved into file, and task context
fns() and data have been split from the context, only the cred context
remains in context.h so rename to cred.h to better reflect what it
deals with.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
