Commit 92b6d8eff55f8dca57ade26e1dde2c3b6acdae02
1 parent
31617ddfdd
apparmor: allow ns visibility question to consider subnses
Signed-off-by: John Johansen <john.johansen@canonical.com>
Showing 4 changed files with 14 additions and 8 deletions Side-by-side Diff
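--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -750,7 +750,7 @@
 struct aa_ns *root = f->private;
 
 if (profile->ns != root)
-seq_printf(f, ":%s://", aa_ns_name(root, profile->ns));
+seq_printf(f, ":%s://", aa_ns_name(root, profile->ns, true));
 seq_printf(f, "%s (%s)\n", profile->base.hname,
 aa_profile_mode_names[profile->mode]);
 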
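--- a/security/apparmor/include/policy_ns.h
+++ b/security/apparmor/include/policy_ns.h
@@ -74,8 +74,8 @@
 
 extern const char *aa_hidden_ns_name;
 
-bool aa_ns_visible(struct aa_ns *curr, struct aa_ns *view);
-const char *aa_ns_name(struct aa_ns *parent, struct aa_ns *child);
+bool aa_ns_visible(struct aa_ns *curr, struct aa_ns *view, bool subns);
+const char *aa_ns_name(struct aa_ns *parent, struct aa_ns *child, bool subns);
 void aa_free_ns(struct aa_ns *ns);
 int aa_alloc_root_ns(void);
 void aa_free_root_ns(void);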
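Review bot: The rewritten `aa_ns_name` prototype still names its parameters `parent` and `child`, while the definition in policy_ns.c changed by this same commit names them `curr` and `view` and its kernel-doc documents `@curr`/`@view`; since the line is being touched anyway, aligning the names removes a misleading declaration. Suggested: `const char *aa_ns_name(struct aa_ns *curr, struct aa_ns *view, bool subns);`. The `aa_ns_visible` prototype already matches its definition.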
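--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -33,18 +33,23 @@
 * aa_ns_visible - test if @view is visible from @curr
 * @curr: namespace to treat as the parent (NOT NULL)
 * @view: namespace to test if visible from @curr (NOT NULL)
+* @subns: whether view of a subns is allowed
 *
 * Returns: true if @view is visible from @curr else false
 */
-bool aa_ns_visible(struct aa_ns *curr, struct aa_ns *view)
+bool aa_ns_visible(struct aa_ns *curr, struct aa_ns *view, bool subns)
 {
 if (curr == view)
 return true;
 
+if (!subns)
+return false;
+
 for ( ; view; view = view->parent) {
 if (view->parent == curr)
 return true;
 }
+
 return false;
 }
 
 
 
@@ -52,16 +57,17 @@
 * aa_na_name - Find the ns name to display for @view from @curr
 * @curr - current namespace (NOT NULL)
 * @view - namespace attempting to view (NOT NULL)
+* @subns - are subns visible
 *
 * Returns: name of @view visible from @curr
 */
-const char *aa_ns_name(struct aa_ns *curr, struct aa_ns *view)
+const char *aa_ns_name(struct aa_ns *curr, struct aa_ns *view, bool subns)
 {
 /* if view == curr then the namespace name isn't displayed */
 if (curr == view)
 return "";
 
-if (aa_ns_visible(curr, view)) {
+if (aa_ns_visible(curr, view, subns)) {
 /* at this point if a ns is visible it is in a view ns
 * thus the curr ns.hname is a prefix of its name.
 * Only output the virtualized portion of the name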
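Review bot: The kernel-doc line added for `aa_ns_name` in the second hunk, `* @subns - are subns visible`, does not use the `@name: description` form the kernel-doc tooling parses, and the block it joins still carries the `aa_na_name` typo and dash-separated parameter lines, whereas the `aa_ns_visible` block in the first hunk is written correctly. Suggested: `* @subns: whether sub-namespaces of @curr are considered visible`, with the surrounding `@curr`/`@view` lines switched to colons and the header fixed to `aa_ns_name`. Every caller touched by this commit (apparmorfs.c, procattr.c) passes `true`, so the `subns == false` path, where `aa_ns_visible()` reduces to `curr == view` and `aa_ns_name()` presumably falls through to its not-visible branch, is not exercised here; a sentence on the parameter saying what a `false` caller should expect to get back would help the next caller pick the right value. The body of `aa_ns_name` continues past the end of the hunk.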
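--- a/security/apparmor/procattr.c
+++ b/security/apparmor/procattr.c
@@ -44,10 +44,10 @@
 struct aa_ns *current_ns = __aa_current_profile()->ns;
 char *s;
 
-if (!aa_ns_visible(current_ns, ns))
+if (!aa_ns_visible(current_ns, ns, true))
 return -EACCES;
 
-ns_name = aa_ns_name(current_ns, ns);
+ns_name = aa_ns_name(current_ns, ns, true);
 ns_len = strlen(ns_name);
 
 /* if the visible ns_name is > 0 increase size for : :// seperator */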
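Review bot: The visibility decision is now made twice with the same hard-coded `true`: once explicitly at the `-EACCES` return, and again inside `aa_ns_name()`, which forwards the `subns` value it is handed to `aa_ns_visible()`. If a later change flips one flag but not the other, the access check and the name that is emitted can disagree, so the two should be tied together in the code, e.g. `/* subns flag must match the aa_ns_name() call below */` above the check. The enclosing function's declaration and remainder lie outside the hunk.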