TononixOS/ubports_kernel_google_msm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Revert "UBUNTU: SAUCE: apparmor: fix unix domain sockets to be mediated on connection"

Browse Source 
This reverts commit 69e4498aa1.

Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
This commit is contained in:
John Johansen
2014-04-29 15:38:32 -07:00
committed by Tim Gardner
parent 0cc9d1d8f5
commit b5e55a1f1e
1 changed files with 12 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
security/apparmor/lsm.c
View File

@@ -786,28 +786,10 @@ do { \
// sk->sk_socket is NULL when orphaned/being shutdown // sk->sk_socket is NULL when orphaned/being shutdown
// socket->sk set on graft, and sock_init_data if (socket exists) // socket->sk set on graft, and sock_init_data if (socket exists)
#define UNIX_ANONYMOUS(U) (!unix_sk(U)->addr)
#define UNIX_FS(U) (!UNIX_ANONYMOUS(U) && unix_sk(U)->addr->name->sun_path[0])
static int unix_fs_perm(int op, struct aa_label *label, struct sock *sk,
u32 mask)
{
if (!unconfined(label) && UNIX_FS(sk)) {
struct unix_sock *u = unix_sk(sk);
/* the sunpath may not be valid for this ns so use the path */
struct path_cond cond = { u->path.dentry->d_inode->i_uid,
u->path.dentry->d_inode->i_mode
};
return aa_path_perm(op, label, &u->path, 0, mask, &cond);
}
return 0;
}
/** /**
* apparmor_unix_stream_connect - check perms before making unix domain conn * apparmor_unix_stream_connect - check perms before making unix domain conn
* *
* other is locked when this hook is called * only used for alt unix socket namespace ???
*/ */
static int apparmor_unix_stream_connect(struct sock *sock, struct sock *other, static int apparmor_unix_stream_connect(struct sock *sock, struct sock *other,
struct sock *newsk) struct sock *newsk)
@@ -815,16 +797,16 @@ static int apparmor_unix_stream_connect(struct sock *sock, struct sock *other,
struct aa_sk_cxt *sock_cxt = SK_CXT(sock); struct aa_sk_cxt *sock_cxt = SK_CXT(sock);
struct aa_sk_cxt *other_cxt = SK_CXT(other); struct aa_sk_cxt *other_cxt = SK_CXT(other);
struct aa_sk_cxt *new_cxt = SK_CXT(newsk); struct aa_sk_cxt *new_cxt = SK_CXT(newsk);
struct aa_label *label = __aa_get_current_label();
int error = unix_fs_perm(OP_CONNECT, label, other,
MAY_READ | MAY_WRITE);
__aa_put_current_label(label);
if (error) #if 0
if (!perms to connect sock to other)
return error; return error;
#endif
/* Cross reference the peer labels for SO_PEERSEC */ // ??? label not updated after connection??? it would be good if the label
// was updated as the task labeling is updated
if (new_cxt->peer) { if (new_cxt->peer) {
//printk("%s: new_cxt->peer\n", __FUNCTION__); //printk("%s: new_cxt->peer\n", __FUNCTION__);
aa_put_label(new_cxt->peer); aa_put_label(new_cxt->peer);
@@ -847,21 +829,16 @@ static int apparmor_unix_stream_connect(struct sock *sock, struct sock *other,
/** /**
* apparmor_unix_may_send - check perms before conn or sending unix dgrams * apparmor_unix_may_send - check perms before conn or sending unix dgrams
* *
* other is locked when this hook is called * Only used for alt unix socket namespace ????
*/ */
static int apparmor_unix_may_send(struct socket *sock, struct socket *other) static int apparmor_unix_may_send(struct socket *sock, struct socket *other)
{ {
struct aa_sk_cxt *other_cxt = SK_CXT(other->sk); // ??? how do these play in with regular perm checks, conditional?
struct aa_label *label = __aa_get_current_label();
int e, error ;
error = unix_fs_perm(OP_SENDMSG, label, other->sk, MAY_WRITE); // print_sk(sock->sk);
e = unix_fs_perm(OP_SENDMSG, other_cxt->label, sock->sk, MAY_READ); // print_sk(other->sk);
if (e)
error = e;
__aa_put_current_label(label);
return error; return 0;
} }
/** /**