[apparmor] [patch] logparser.py: do sanity check for all file events

Kshitij Gupta kgupta8592 at gmail.com
Tue Feb 9 19:50:30 UTC 2016


I missed, Acked for: trunk, 2.10 and 2.9.

On Wed, Feb 10, 2016 at 1:16 AM, Kshitij Gupta <kgupta8592 at gmail.com> wrote:

>
>
> On Tue, Feb 2, 2016 at 3:24 AM, Christian Boltz <apparmor at cboltz.de>
> wrote:
>
>> Hello,
>>
>> most probably-file log events can also be network events. Therefore
>> check for request_mask in all events, not only file_perm, file_inherit
>> and (from the latest bugreport) file_receive.
>>
>> References: https://bugs.launchpad.net/apparmor/+bug/1540562
>>
>>
>> I propose this patch for trunk, 2.10 and 2.9.
>>
>>
>> [ 68-logparser-check-sanity-of-all-file-events.diff ]
>>
>> --- utils/apparmor/logparser.py 2016-02-01 21:31:56.439302830 +0100
>> +++ utils/apparmor/logparser.py 2016-02-01 22:38:40.519637878 +0100
>> @@ -300,10 +300,10 @@
>>                                  'rename_dest', 'unlink', 'rmdir',
>> 'symlink_create', 'link',
>>                                  'sysctl', 'getattr', 'setattr', 'xattr']
>> ):
>>
>> -            # for some reason, we get file_perm and file_inherit log
>> events without request_mask, see
>> -            # https://bugs.launchpad.net/apparmor/+bug/1466812/ and
>> https://bugs.launchpad.net/apparmor/+bug/1509030
>> +            # for some kernel-side reason, we get file-related log
>> events without request_mask, see
>>
> ahh so we know whom to blame ;-)
>
>
>> +            # https://bugs.launchpad.net/apparmor/+bug/1466812/,
>> https://bugs.launchpad.net/apparmor/+bug/1509030 and
>> https://bugs.launchpad.net/apparmor/+bug/1540562
>>              # request_mask can also be '', see
>> https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1525119
>>
> this list seems to be growing rather long. Hopefully this patch will
> change that. :-)
>
>> -            if e['operation'] in ['file_perm', 'file_inherit'] and not
>> e['request_mask']:
>> +            if not e['request_mask']:
>>                  self.debug_logger.debug('UNHANDLED (missing
>> request_mask): %s' % e)
>>                  return None
>>
>>
>> Thanks for the patch.
>
> Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>
>
>>
>>
>> Regards,
>>
>> Christian Boltz
>> --
>> Linux - und dein PC macht nie wieder blau.
>>
>> --
>> AppArmor mailing list
>> AppArmor at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/apparmor
>>
>>
>
>
> --
> Regards,
>
> Kshitij Gupta
>



-- 
Regards,

Kshitij Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160210/fa067ead/attachment-0001.html>


More information about the AppArmor mailing list