From: John Johansen <john.johansen@canonical.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
Date: Wed, 13 Jul 2016 14:14:35 -0700 [thread overview]
Message-ID: <5786AF3B.5040104@canonical.com> (raw)
In-Reply-To: <20160713205122.1383314-1-arnd@arndb.de>
On 07/13/2016 01:50 PM, Arnd Bergmann wrote:
> The newly added Kconfig option could never work and just causes a build error
> when disabled:
>
> security/apparmor/lsm.c:675:25: error: 'CONFIG_SECURITY_APPARMOR_HASH_DEFAULT' undeclared here (not in a function)
> bool aa_g_hash_policy = CONFIG_SECURITY_APPARMOR_HASH_DEFAULT;
>
> The problem is that the macro undefined in this case, and we need to use the IS_ENABLED()
> helper to turn it into a boolean constant.
>
oops yep, looks like I've built with Y and N but not left undefined
> Another minor problem with the original patch is that the option is even offered
> in sysfs when SECURITY_APPARMOR_HASH is not enabled, so this also hides the option
> in that case.
>
ah yeah nice
also nice that you pulled the condition check into the calc_profile_hash() fn so the
check won't get accidentally dropped by something else calling it
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: John Johansen <john.johansen@canonical.com>
> Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy hashing is used")
> ---
> security/apparmor/crypto.c | 3 +++
> security/apparmor/lsm.c | 4 +++-
> security/apparmor/policy_unpack.c | 3 +--
> 3 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/security/apparmor/crypto.c b/security/apparmor/crypto.c
> index 532471d0b3a0..b75dab0df1cb 100644
> --- a/security/apparmor/crypto.c
> +++ b/security/apparmor/crypto.c
> @@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start,
> int error = -ENOMEM;
> u32 le32_version = cpu_to_le32(version);
>
> + if (!aa_g_hash_policy)
> + return 0;
> +
> if (!apparmor_tfm)
> return 0;
>
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index 3be30c701bfa..41b8cb115801 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -671,9 +671,11 @@ enum profile_mode aa_g_profile_mode = APPARMOR_ENFORCE;
> module_param_call(mode, param_set_mode, param_get_mode,
> &aa_g_profile_mode, S_IRUSR | S_IWUSR);
>
> +#ifdef CONFIG_SECURITY_APPARMOR_HASH
> /* whether policy verification hashing is enabled */
> -bool aa_g_hash_policy = CONFIG_SECURITY_APPARMOR_HASH_DEFAULT;
> +bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
> module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR | S_IWUSR);
> +#endif
>
> /* Debug mode */
> bool aa_g_debug;
> diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
> index b9b1c66a32a5..138120698f83 100644
> --- a/security/apparmor/policy_unpack.c
> +++ b/security/apparmor/policy_unpack.c
> @@ -778,8 +778,7 @@ int aa_unpack(void *udata, size_t size, struct list_head *lh, const char **ns)
> if (error)
> goto fail_profile;
>
> - if (aa_g_hash_policy)
> - error = aa_calc_profile_hash(profile, e.version, start,
> + error = aa_calc_profile_hash(profile, e.version, start,
> e.pos - start);
> if (error)
> goto fail_profile;
>
next prev parent reply other threads:[~2016-07-13 21:14 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-13 20:50 [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling Arnd Bergmann
2016-07-13 21:14 ` John Johansen [this message]
-- strict thread matches above, loose matches on Subject: below --
2016-07-25 17:59 [Patch 0/1] apparmor: fix to 4.8 pull request John Johansen
2016-07-25 17:59 ` [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling John Johansen
2016-07-26 11:38 ` James Morris
2016-07-26 16:56 ` John Johansen
2018-09-09 14:04 Loic
2018-09-17 11:49 ` Greg KH
2018-09-17 13:40 ` John Johansen
2018-09-17 13:58 ` Greg KH
2018-09-17 13:58 ` Greg KH
2018-09-17 19:45 ` Loic
2018-09-17 21:15 ` Greg KH
2018-09-17 21:37 ` Greg KH
2018-09-17 21:56 ` Nathan Chancellor
2018-09-17 22:12 ` John Johansen
2018-09-21 5:40 ` Loic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5786AF3B.5040104@canonical.com \
--to=john.johansen@canonical.com \
--cc=arnd@arndb.de \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.