mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security/apparmor/include
History
John Johansen 157a3537d6 apparmor: Fix regression in mount mediation 
commit 2db154b3ea ("vfs: syscall: Add move_mount(2) to move mounts around")

introduced a new move_mount(2) system call and a corresponding new LSM
security_move_mount hook but did not implement this hook for any
existing LSM. This creates a regression for AppArmor mediation of
mount. This patch provides a base mapping of the move_mount syscall to
the existing mount mediation. In the future we may introduce
additional mediations around the new mount calls.

Fixes: 2db154b3ea ("vfs: syscall: Add move_mount(2) to move mounts around")
CC: stable@vger.kernel.org
Reported-by: Andreas Steinmetz <anstein99@googlemail.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
 		2023-10-18 16:01:32 -07:00
..
apparmor.h apparmor: add io_uring mediation 2023-10-18 15:58:49 -07:00
apparmorfs.h apparmor: make export of raw binary profile to userspace optional 2022-07-09 15:13:59 -07:00
audit.h apparmor: add io_uring mediation 2023-10-18 15:58:49 -07:00
capability.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
cred.h apparmor: Simplify obtain the newest label on a cred 2022-10-03 14:49:04 -07:00
crypto.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
domain.h apparmor: extend permissions to support a label and tag string 2022-10-03 14:49:03 -07:00
file.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
ipc.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
label.h apparmor: refactor profile rules and attachments 2022-10-03 14:49:04 -07:00
lib.h apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
match.h apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
mount.h apparmor: Fix regression in mount mediation 2023-10-18 16:01:32 -07:00
net.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
path.h apparmor: allow label to carry debug flags 2022-07-19 02:55:45 -07:00
perms.h apparmor: add io_uring mediation 2023-10-18 15:58:49 -07:00
policy.h apparmor: allow restricting unprivileged change_profile 2023-10-18 15:48:44 -07:00
policy_compat.h apparmor: isolate policy backwards compatibility to its own file 2022-10-03 14:49:03 -07:00
policy_ns.h apparmor: remove unused functions in policy_ns.c/.h 2023-10-15 21:44:31 -07:00
policy_unpack.h + Features 2022-12-14 13:42:09 -08:00
procattr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
resource.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
secid.h apparmor: disable showing the mode as part of a secid to secctx 2022-07-13 17:18:29 -07:00
sig_names.h apparmor: audit unknown signal numbers 2018-02-09 11:30:01 -08:00
task.h apparmor: add user namespace creation mediation 2023-10-18 15:49:02 -07:00