提交 545de8fe 编写于 作者: J John Johansen 提交者: James Morris

apparmor: fix parameters so that the permission test is bypassed at boot

Boot parameters are written before apparmor is ready to answer whether
the user is policy_view_capable(). Setting the parameters at boot results
in an oops and failure to boot. Setting the parameters at boot is
obviously allowed so skip the permission check when apparmor is not
initialized.

While we are at it move the more complicated check to last.
Signed-off-by: NJohn Johansen <john.johansen@canonical.com>
Signed-off-by: NJames Morris <james.l.morris@oracle.com>
上级 b9b144bc
...@@ -57,7 +57,7 @@ ...@@ -57,7 +57,7 @@
pr_err_ratelimited("AppArmor: " fmt, ##args) pr_err_ratelimited("AppArmor: " fmt, ##args)
/* Flag indicating whether initialization completed */ /* Flag indicating whether initialization completed */
extern int apparmor_initialized __initdata; extern int apparmor_initialized;
/* fn's in lib */ /* fn's in lib */
char *aa_split_fqname(char *args, char **ns_name); char *aa_split_fqname(char *args, char **ns_name);
......
...@@ -39,7 +39,7 @@ ...@@ -39,7 +39,7 @@
#include "include/procattr.h" #include "include/procattr.h"
/* Flag indicating whether initialization completed */ /* Flag indicating whether initialization completed */
int apparmor_initialized __initdata; int apparmor_initialized;
DEFINE_PER_CPU(struct aa_buffers, aa_buffers); DEFINE_PER_CPU(struct aa_buffers, aa_buffers);
...@@ -738,78 +738,77 @@ __setup("apparmor=", apparmor_enabled_setup); ...@@ -738,78 +738,77 @@ __setup("apparmor=", apparmor_enabled_setup);
/* set global flag turning off the ability to load policy */ /* set global flag turning off the ability to load policy */
static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp) static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp)
{ {
if (!policy_admin_capable(NULL)) if (!apparmor_enabled)
return -EINVAL;
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM; return -EPERM;
return param_set_bool(val, kp); return param_set_bool(val, kp);
} }
static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp) static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp)
{ {
if (!policy_view_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_view_capable(NULL))
return -EPERM;
return param_get_bool(buffer, kp); return param_get_bool(buffer, kp);
} }
static int param_set_aabool(const char *val, const struct kernel_param *kp) static int param_set_aabool(const char *val, const struct kernel_param *kp)
{ {
if (!policy_admin_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
return param_set_bool(val, kp); return param_set_bool(val, kp);
} }
static int param_get_aabool(char *buffer, const struct kernel_param *kp) static int param_get_aabool(char *buffer, const struct kernel_param *kp)
{ {
if (!policy_view_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_view_capable(NULL))
return -EPERM;
return param_get_bool(buffer, kp); return param_get_bool(buffer, kp);
} }
static int param_set_aauint(const char *val, const struct kernel_param *kp) static int param_set_aauint(const char *val, const struct kernel_param *kp)
{ {
if (!policy_admin_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
return param_set_uint(val, kp); return param_set_uint(val, kp);
} }
static int param_get_aauint(char *buffer, const struct kernel_param *kp) static int param_get_aauint(char *buffer, const struct kernel_param *kp)
{ {
if (!policy_view_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_view_capable(NULL))
return -EPERM;
return param_get_uint(buffer, kp); return param_get_uint(buffer, kp);
} }
static int param_get_audit(char *buffer, struct kernel_param *kp) static int param_get_audit(char *buffer, struct kernel_param *kp)
{ {
if (!policy_view_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_view_capable(NULL))
return -EPERM;
return sprintf(buffer, "%s", audit_mode_names[aa_g_audit]); return sprintf(buffer, "%s", audit_mode_names[aa_g_audit]);
} }
static int param_set_audit(const char *val, struct kernel_param *kp) static int param_set_audit(const char *val, struct kernel_param *kp)
{ {
int i; int i;
if (!policy_admin_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (!val) if (!val)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
for (i = 0; i < AUDIT_MAX_INDEX; i++) { for (i = 0; i < AUDIT_MAX_INDEX; i++) {
if (strcmp(val, audit_mode_names[i]) == 0) { if (strcmp(val, audit_mode_names[i]) == 0) {
...@@ -823,11 +822,10 @@ static int param_set_audit(const char *val, struct kernel_param *kp) ...@@ -823,11 +822,10 @@ static int param_set_audit(const char *val, struct kernel_param *kp)
static int param_get_mode(char *buffer, struct kernel_param *kp) static int param_get_mode(char *buffer, struct kernel_param *kp)
{ {
if (!policy_view_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_view_capable(NULL))
return -EPERM;
return sprintf(buffer, "%s", aa_profile_mode_names[aa_g_profile_mode]); return sprintf(buffer, "%s", aa_profile_mode_names[aa_g_profile_mode]);
} }
...@@ -835,14 +833,13 @@ static int param_get_mode(char *buffer, struct kernel_param *kp) ...@@ -835,14 +833,13 @@ static int param_get_mode(char *buffer, struct kernel_param *kp)
static int param_set_mode(const char *val, struct kernel_param *kp) static int param_set_mode(const char *val, struct kernel_param *kp)
{ {
int i; int i;
if (!policy_admin_capable(NULL))
return -EPERM;
if (!apparmor_enabled) if (!apparmor_enabled)
return -EINVAL; return -EINVAL;
if (!val) if (!val)
return -EINVAL; return -EINVAL;
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) { for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
if (strcmp(val, aa_profile_mode_names[i]) == 0) { if (strcmp(val, aa_profile_mode_names[i]) == 0) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册