APPLIED[L]: [Lunar][PULL] LSM stacking and AppArmor refresh for 6.2 kernel
Andrea Righi
andrea.righi at canonical.com
Wed Mar 22 07:39:20 UTC 2023
On Tue, Mar 21, 2023 at 01:20:13PM -0700, John Johansen wrote:
> << snip >>
>
> > John - patch 25 fails to apply. Please rebase against current tip Ubuntu-6.2.0-18.18
>
> done (below), if we want a new request email lmk
Not needed, already applied to lunar/linux.
Thanks!
-Andrea
>
>
>
> The following changes since commit 7b593e8559aca572272e6cece79ddd3f9702456b:
>
> NFS: Correct timing for assigning access cache timestamp (2023-03-17 10:02:09 +0100)
>
> are available in the Git repository at:
>
> https://gitlab.com/jjohansen/apparmor-kernel.git lunar-prompt
>
> for you to fetch changes up to 4bd64e980c466c69d411160d1ee382892d862230:
>
> UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS (2023-03-21 12:14:45 -0700)
>
> ----------------------------------------------------------------
> Andrea Righi (1):
> UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS
>
> Casey Schaufler (39):
> UBUNTU: SAUCE: Stacking v38: LSM: Identify modules by more than name
> UBUNTU: SAUCE: Stacking v38: LSM: Add an LSM identifier for external use
> UBUNTU: SAUCE: Stacking v38: LSM: Identify the process attributes for each module
> UBUNTU: SAUCE: Stacking v38: LSM: Maintain a table of LSM attribute data
> UBUNTU: SAUCE: Stacking v38: proc: Use lsmids instead of lsm names for attrs
> UBUNTU: SAUCE: Stacking v38: LSM: lsm_self_attr syscall for LSM self attributes
> UBUNTU: SAUCE: Stacking v38: integrity: disassociate ima_filter_rule from security_audit_rule
> UBUNTU: SAUCE: Stacking v38: LSM: Infrastructure management of the sock security
> UBUNTU: SAUCE: Stacking v38: LSM: Add the lsmblob data structure.
> UBUNTU: SAUCE: Stacking v38: LSM: provide lsm name and id slot mappings
> UBUNTU: SAUCE: Stacking v38: IMA: avoid label collisions with stacked LSMs
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_audit_rule_match
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_kernel_act_as
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_secctx_to_secid
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_secid_to_secctx
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_ipc_getsecid
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_current_getsecid
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_inode_getsecid
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmblob in security_cred_getsecid
> UBUNTU: SAUCE: Stacking v38: LSM: Specify which LSM to display
> UBUNTU: SAUCE: Stacking v38: LSM: Ensure the correct LSM context releaser
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmcontext in security_secid_to_secctx
> UBUNTU: SAUCE: Stacking v38: LSM: Use lsmcontext in security_inode_getsecctx
> UBUNTU: SAUCE: Stacking v38: Use lsmcontext in security_dentry_init_security
> UBUNTU: SAUCE: Stacking v38: LSM: security_secid_to_secctx in netlink netfilter
> UBUNTU: SAUCE: Stacking v38: NET: Store LSM netlabel data in a lsmblob
> UBUNTU: SAUCE: Stacking v38: binder: Pass LSM identifier for confirmation
> UBUNTU: SAUCE: Stacking v38: LSM: security_secid_to_secctx module selection
> UBUNTU: SAUCE: Stacking v38: Audit: Keep multiple LSM data in audit_names
> UBUNTU: SAUCE: Stacking v38: Audit: Create audit_stamp structure
> UBUNTU: SAUCE: Stacking v38: LSM: Add a function to report multiple LSMs
> UBUNTU: SAUCE: Stacking v38: Audit: Allow multiple records in an audit_buffer
> UBUNTU: SAUCE: Stacking v38: Audit: Add record for multiple task security contexts
> UBUNTU: SAUCE: Stacking v38: audit: multiple subject lsm values for netlabel
> UBUNTU: SAUCE: Stacking v38: Audit: Add record for multiple object contexts
> UBUNTU: SAUCE: Stacking v38: netlabel: Use a struct lsmblob in audit data
> UBUNTU: SAUCE: Stacking v38: LSM: Removed scaffolding function lsmcontext_init
> UBUNTU: SAUCE: Stacking v38: AppArmor: Remove the exclusive flag
> UBUNTU: SAUCE: Stacking v38: LSM: Create lsm_module_list system call
>
> John Johansen (57):
> Revert "UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS"
> Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation"
> Revert "UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix mqueues"
> Revert "UBUNTU: SAUCE: Revert "apparmor: make __aa_path_perm() static""
> Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display (using struct cred as input)"
> Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk parameter const"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in smk_netlbl_mls()"
> Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use lsmblob"
> Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to kfree_sensitive()"
> Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive flag"
> Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM context"
> Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline function declration."
> Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check"
> Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple object LSM attributes"
> Revert "UBUNTU: SAUCE: Audit: Add new record for multiple process LSM attributes"
> Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob"
> Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink netfilter"
> Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_inode_getsecctx"
> Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx"
> Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser"
> Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display"
> Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to use lsmblobs"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secid_to_secctx"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid"
> Revert "UBUNTU: SAUCE: net: Prepare UDS for security module stacking"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as"
> Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match"
> Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob data structure."
> Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock security"
> Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to aa_sock()"
> Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()"
> Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as part of a secid to secctx"
> Revert "UBUNTU: SAUCE: apparmor: fix use after free in sk_peer_label"
> Revert "UBUNTU: SAUCE: apparmor: af_unix mediation"
> Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x net rules"
> Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value"
> UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value
> UBUNTU: SAUCE: apparmor: rename SK_CTX() to aa_sock and make it an inline fn
> UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x net rules
> UBUNTU: SAUCE: apparmor: add user namespace creation mediation
> UBUNTU: SAUCE: apparmor: Add sysctls for additional controls of unpriv userns restrictions
> UBUNTU: SAUCE: apparmor: af_unix mediation
> UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix mqueues
> UBUNTU: SAUCE: apparmor: combine common_audit_data and apparmor_audit_data
> UBUNTU: SAUCE: apparmor: setup slab cache for audit data
> UBUNTU: SAUCE: apparmor: rename audit_data->label to audit_data->subj_label
> UBUNTU: SAUCE: apparmor: pass cred through to audit info.
> UBUNTU: SAUCE: apparmor: Improve debug print infrastructure
> UBUNTU: SAUCE: apparmor: add the ability for profiles to have a learning cache
> UBUNTU: SAUCE: apparmor: enable userspace upcall for mediation
> UBUNTU: SAUCE: apparmor: cache buffers on percpu list if there is lock contention
> UBUNTU: SAUCE: apparmor: fix policy_compat permission remap with extended permissions
> UBUNTU: SAUCE: apparmor: advertise availability of exended perms
>
> Documentation/ABI/testing/ima_policy | 8 +-
> Documentation/security/lsm.rst | 28 --
> arch/x86/entry/syscalls/syscall_64.tbl | 2 +
> drivers/android/binder.c | 23 +-
> drivers/android/binder_internal.h | 1 +
> fs/ceph/super.h | 3 +-
> fs/ceph/xattr.c | 19 +-
> fs/fuse/dir.c | 35 +-
> fs/nfs/dir.c | 2 +-
> fs/nfs/inode.c | 17 +-
> fs/nfs/internal.h | 8 +-
> fs/nfs/nfs4proc.c | 24 +-
> fs/nfs/nfs4xdr.c | 22 +-
> fs/proc/base.c | 31 +-
> fs/proc/internal.h | 2 +-
> include/linux/audit.h | 34 +-
> include/linux/lsm_hooks.h | 42 +--
> include/linux/nfs4.h | 8 +-
> include/linux/nfs_fs.h | 2 +-
> include/linux/security.h | 190 ++++++----
> include/linux/syscalls.h | 2 +
> include/net/af_unix.h | 2 +-
> include/net/netlabel.h | 2 +-
> include/net/scm.h | 16 +-
> include/net/xfrm.h | 4 +-
> include/uapi/asm-generic/unistd.h | 8 +-
> include/uapi/linux/apparmor.h | 106 ++++++
> include/uapi/linux/audit.h | 4 +-
> include/uapi/linux/lsm.h | 67 ++++
> include/uapi/linux/prctl.h | 4 +
> kernel/audit.c | 327 ++++++++++--------
> kernel/audit.h | 19 +-
> kernel/auditfilter.c | 15 +-
> kernel/auditsc.c | 205 ++++-------
> kernel/sys_ni.c | 4 +
> net/ipv4/cipso_ipv4.c | 3 +-
> net/ipv4/ip_sockglue.c | 4 +-
> net/netfilter/nf_conntrack_netlink.c | 10 +-
> net/netfilter/nfnetlink_queue.c | 24 +-
> net/netfilter/nft_meta.c | 12 +-
> net/netfilter/xt_SECMARK.c | 2 +-
> net/netlabel/netlabel_unlabeled.c | 2 +-
> net/netlabel/netlabel_user.c | 5 +-
> net/netlabel/netlabel_user.h | 2 +-
> net/unix/af_unix.c | 6 +-
> security/Makefile | 1 +
> security/apparmor/Kconfig | 4 +-
> security/apparmor/Makefile | 2 +-
> security/apparmor/af_unix.c | 183 +++++-----
> security/apparmor/apparmorfs.c | 200 ++++++++++-
> security/apparmor/audit.c | 299 ++++++++++++++--
> security/apparmor/capability.c | 29 +-
> security/apparmor/crypto.c | 9 +-
> security/apparmor/domain.c | 134 ++++---
> security/apparmor/file.c | 354 ++++++++++++++-----
> security/apparmor/include/af_unix.h | 53 +--
> security/apparmor/include/apparmor.h | 2 +-
> security/apparmor/include/apparmorfs.h | 1 +
> security/apparmor/include/audit.h | 86 ++++-
> security/apparmor/include/capability.h | 3 +-
> security/apparmor/include/file.h | 19 +-
> security/apparmor/include/ipc.h | 9 +-
> security/apparmor/include/label.h | 1 +
> security/apparmor/include/lib.h | 42 ++-
> security/apparmor/include/mount.h | 21 +-
> security/apparmor/include/net.h | 19 +-
> security/apparmor/include/notify.h | 95 +++++
> security/apparmor/include/perms.h | 8 +-
> security/apparmor/include/policy.h | 15 +-
> security/apparmor/include/policy_ns.h | 11 +
> security/apparmor/include/procattr.h | 2 +-
> security/apparmor/include/resource.h | 3 +-
> security/apparmor/include/task.h | 6 +-
> security/apparmor/ipc.c | 94 ++---
> security/apparmor/label.c | 18 +-
> security/apparmor/lib.c | 143 ++++++--
> security/apparmor/lsm.c | 353 ++++++++++++++-----
> security/apparmor/mount.c | 126 ++++---
> security/apparmor/net.c | 88 ++---
> security/apparmor/notify.c | 614 +++++++++++++++++++++++++++++++++
> security/apparmor/policy.c | 74 ++--
> security/apparmor/policy_ns.c | 5 +-
> security/apparmor/policy_unpack.c | 57 +--
> security/apparmor/procattr.c | 28 +-
> security/apparmor/resource.c | 54 +--
> security/apparmor/secid.c | 2 -
> security/apparmor/task.c | 85 +++--
> security/bpf/hooks.c | 6 +-
> security/commoncap.c | 6 +-
> security/integrity/ima/ima.h | 26 --
> security/integrity/ima/ima_api.c | 2 +-
> security/integrity/ima/ima_appraise.c | 7 +-
> security/integrity/ima/ima_main.c | 19 +-
> security/integrity/ima/ima_policy.c | 118 +++++--
> security/integrity/integrity_audit.c | 2 +-
> security/landlock/cred.c | 7 +-
> security/landlock/fs.c | 7 +-
> security/landlock/ptrace.c | 7 +-
> security/landlock/setup.c | 7 +
> security/landlock/setup.h | 1 +
> security/loadpin/loadpin.c | 6 +-
> security/lockdown/lockdown.c | 6 +-
> security/lsm_syscalls.c | 206 +++++++++++
> security/safesetid/lsm.c | 6 +-
> security/security.c | 468 ++++++++++++-------------
> security/selinux/hooks.c | 46 ++-
> security/selinux/include/classmap.h | 3 +-
> security/smack/smack_access.c | 5 +-
> security/smack/smack_lsm.c | 32 +-
> security/smack/smack_netfilter.c | 2 +-
> security/smack/smackfs.c | 3 +-
> security/tomoyo/tomoyo.c | 6 +-
> security/yama/yama_lsm.c | 6 +-
> 113 files changed, 3997 insertions(+), 1721 deletions(-)
> create mode 100644 include/uapi/linux/apparmor.h
> create mode 100644 include/uapi/linux/lsm.h
> create mode 100644 security/apparmor/include/notify.h
> create mode 100644 security/apparmor/notify.c
> create mode 100644 security/lsm_syscalls.c
>
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list