linux/security
John Johansen 8026e40608 apparmor: Fix move_mount mediation by detecting if source is detached
Prevent move_mount from applying the attach_disconnected flag
to move_mount(). This prevents detached mounts from appearing
as / when applying mount mediation, which is not only incorrect
but could result in bad policy being generated.

Basic mount rules like
  allow mount,
  allow mount options=(move) -> /target/,

will allow detached mounts, allowing older policy to continue
to function. New policy gains the ability to specify `detached` as
a source option
  allow mount detached -> /target/,

In addition make sure support of move_mount is advertised as
a feature to userspace so that applications that generate policy
can respond to the addition.

Note: this fixes mediation of move_mount when a detached mount is used,
      it does not fix the broader regression of apparmor mediation of
      mounts under the new mount api.

Link: https://lore.kernel.org/all/68c166b8-5b4d-4612-8042-1dee3334385b@leemhuis.info/T/#mb35fdde37f999f08f0b02d58dc1bf4e6b65b8da2
Fixes: 157a3537d6 ("apparmor: Fix regression in mount mediation")
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2024-01-03 12:10:29 -08:00
..
apparmor apparmor: Fix move_mount mediation by detecting if source is detached 2024-01-03 12:10:29 -08:00
bpf selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
integrity As usual, lots of singleton and doubleton patches all over the tree and 2023-11-02 20:53:31 -10:00
keys keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry 2023-12-21 13:47:38 +00:00
landlock landlock: Support network rules with TCP bind and connect 2023-10-26 21:07:15 +02:00
loadpin LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by 2023-08-25 16:07:30 -07:00
lockdown selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
safesetid SafeSetID: fix UID printed instead of GID 2023-06-20 20:26:00 -04:00
selinux cred: get rid of CONFIG_DEBUG_CREDENTIALS 2023-12-15 14:19:48 -08:00
smack Smack updates for v6.6. Two minor fixes. 2023-08-30 09:28:07 -07:00
tomoyo lsm: constify 'bprm' parameter in security_bprm_committed_creds() 2023-09-14 15:27:29 -04:00
yama sysctl-6.4-rc1 2023-04-27 16:52:33 -07:00
commoncap.c lsm: constify 'file' parameter in security_bprm_creds_from_file() 2023-09-13 18:09:35 -04:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c security: convert to new timestamp accessors 2023-10-18 14:08:31 +02:00
Kconfig mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATOR 2023-05-24 15:38:17 +02:00
Kconfig.hardening hardening: Move BUG_ON_DATA_CORRUPTION to hardening options 2023-08-15 14:57:25 -07:00
lsm_audit.c lsm: fix a number of misspellings 2023-05-25 17:52:15 -04:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c lsm: fix a spelling mistake 2023-10-04 16:19:29 -04:00