Commit 16916b17 authored by Ryan Lee's avatar Ryan Lee Committed by John Johansen
Browse files

apparmor: force auditing of conflicting attachment execs from confined 



Conflicting attachment paths are an error state that result in the
binary in question executing under an unexpected ix/ux fallback. As such,
it should be audited to record the occurrence of conflicting attachments.

Signed-off-by: default avatarRyan Lee <ryan.lee@canonical.com>
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent b824b5f8

security/apparmor/domain.c

+9 −0
Original line number Diff line number Diff line
@@ -729,6 +729,15 @@ static struct aa_label *profile_transition(const struct cred *subj_cred, 
		new = x_to_label(profile, bprm, name, perms.xindex, &target,

				 &info);

		if (new && new->proxy == profile->label.proxy && info) {

			/* Force audit on conflicting attachment fallback

			 * Because perms is never used again after this audit

			 * we don't need to care about clobbering it

			 */

			if (info == CONFLICTING_ATTACH_STR_IX

			    || info == CONFLICTING_ATTACH_STR_UX) {

				perms.audit |= MAY_EXEC;

				perms.allow |= MAY_EXEC;

			}

			/* hack ix fallback - improve how this is detected */

			goto audit;

		} else if (!new) {