Re: [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling

Linux kernel -stable discussions
 help / color / mirror / Atom feed

From: Greg KH <gregkh@linuxfoundation.org>
To: Loic <hackurx@opensec.fr>
Cc: stable@vger.kernel.org, arnd@arndb.de,
	john.johansen@canonical.com, james.l.morris@oracle.com
Subject: Re: [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
Date: Mon, 17 Sep 2018 23:37:54 +0200	[thread overview]
Message-ID: <20180917213754.GA22908@kroah.com> (raw)
In-Reply-To: <20180917211542.GA17153@kroah.com>

On Mon, Sep 17, 2018 at 11:15:42PM +0200, Greg KH wrote:
> On Mon, Sep 17, 2018 at 09:45:47PM +0200, Loic wrote:
> > On Mon, 17 Sep 2018 15:58:56 +0200
> > Greg KH <gregkh@linuxfoundation.org> wrote:
> > 
> > > On Sun, Sep 09, 2018 at 04:04:18PM +0200, Loic wrote:
> > > > Hello,
> > > > 
> > > > Tested without any problem so please picked up this for 4.4 to fix the
> > > > problem.
> > > > The patch below is slightly modified to adapt to this version.
> > > > 
> > > > [ Upstream commit 7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 ]
> > > > 
> > > > The newly added Kconfig option could never work and just causes a build
> > > > error
> > > > when disabled:
> > > > 
> > > > security/apparmor/lsm.c:675:25: error:
> > > > 'CONFIG_SECURITY_APPARMOR_HASH_DEFAULT' undeclared here (not in a function)
> > > >  bool aa_g_hash_policy = CONFIG_SECURITY_APPARMOR_HASH_DEFAULT;
> > > > 
> > > > The problem is that the macro undefined in this case, and we need to use the
> > > > IS_ENABLED()
> > > > helper to turn it into a boolean constant.
> > > > 
> > > > Another minor problem with the original patch is that the option is even
> > > > offered
> > > > in sysfs when SECURITY_APPARMOR_HASH is not enabled, so this also hides the
> > > > option
> > > > in that case.
> > > > 
> > > > Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> > > > Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy
> > > > hashing is used")
> > > > Signed-off-by: John Johansen <john.johansen@canonical.com>
> > > > Signed-off-by: James Morris <james.l.morris@oracle.com>
> > > > ---
> > > > diff -Nurp a/security/apparmor/crypto.c b/security/apparmor/crypto.c
> > > > --- a/security/apparmor/crypto.c
> > > > +++ b/security/apparmor/crypto.c
> > > > @@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profi
> > > >  	int error = -ENOMEM;
> > > >  	u32 le32_version = cpu_to_le32(version);
> > > > 
> > > > +	if (!aa_g_hash_policy)
> > > > +		return 0;
> > > > +
> > > >  	if (!apparmor_tfm)
> > > >  		return 0;
> > > > 
> > > > diff -Nurp a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> > > > --- a/security/apparmor/lsm.c
> > > > +++ b/security/apparmor/lsm.c
> > > > @@ -692,6 +692,12 @@ enum profile_mode aa_g_profile_mode = AP
> > > >  module_param_call(mode, param_set_mode, param_get_mode,
> > > >  		  &aa_g_profile_mode, S_IRUSR | S_IWUSR);
> > > > 
> > > > +#ifdef CONFIG_SECURITY_APPARMOR_HASH
> > > > +/* whether policy verification hashing is enabled */
> > > > +bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
> > > > +module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR |
> > > > S_IWUSR);
> > > > +#endif
> > > > +
> > > >  /* Debug mode */
> > > >  bool aa_g_debug;
> > > >  module_param_named(debug, aa_g_debug, aabool, S_IRUSR | S_IWUSR);
> > > > ---
> > > 
> > > The patch is whitespace corrupted and can not be applied :(
> > 
> > Sorry, I noticed the problem afterwards. I opened a bug report to try to fix my mail client:
> > https://github.com/roundcube/roundcubemail/issues/6438
> > 
> > > 
> > > Can you fix that up and resend it so that I can apply it?
> > 
> > No problem. Thanks for all.
> > 
> > Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> > Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy hashing is used")
> > Signed-off-by: John Johansen <john.johansen@canonical.com>
> > Signed-off-by: James Morris <james.l.morris@oracle.com>
> > ---
> > diff -Nurp a/security/apparmor/crypto.c b/security/apparmor/crypto.c
> > --- a/security/apparmor/crypto.c
> > +++ b/security/apparmor/crypto.c
> > @@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profi
> >  	int error = -ENOMEM;
> >  	u32 le32_version = cpu_to_le32(version);
> >  
> > +	if (!aa_g_hash_policy)
> > +		return 0;
> > +
> >  	if (!apparmor_tfm)
> >  		return 0;
> >  
> > diff -Nurp a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> > --- a/security/apparmor/lsm.c
> > +++ b/security/apparmor/lsm.c
> > @@ -692,6 +694,12 @@ enum profile_mode aa_g_profile_mode = AP
> >  module_param_call(mode, param_set_mode, param_get_mode,
> >  		  &aa_g_profile_mode, S_IRUSR | S_IWUSR);
> >  
> > +#ifdef CONFIG_SECURITY_APPARMOR_HASH
> > +/* whether policy verification hashing is enabled */
> > +bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
> > +module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR | S_IWUSR);
> > +#endif
> > +
> >  /* Debug mode */
> >  bool aa_g_debug;
> >  module_param_named(debug, aa_g_debug, aabool, S_IRUSR | S_IWUSR);
> 
> THanks, that worked, now queued up.

And dropped as this patch broke the build.  I'm guessing this really
isn't needed if you didn't even test it worked :(

Please fix all of this up, test it properly, and then send it as a
"clean" patch that I can apply easily.

thanks,

greg k-h

next prev parent reply	other threads:[~2018-09-18  3:07 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-09-09 14:04 [PATCH] apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling Loic
2018-09-17 11:49 ` Greg KH
2018-09-17 13:40   ` John Johansen
2018-09-17 13:58     ` Greg KH
2018-09-17 13:58 ` Greg KH
2018-09-17 19:45   ` Loic
2018-09-17 21:15     ` Greg KH
2018-09-17 21:37       ` Greg KH [this message]
2018-09-17 21:56         ` Nathan Chancellor
2018-09-17 22:12           ` John Johansen
2018-09-21  5:40             ` Loic

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180917213754.GA22908@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=arnd@arndb.de \
    --cc=hackurx@opensec.fr \
    --cc=james.l.morris@oracle.com \
    --cc=john.johansen@canonical.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox