Skip to content

Fix mount rules encoding

John Johansen requested to merge jjohansen/apparmor:fix-mount into master

This is a partial fix for CVE-2016-1585, it address the frontend rule encoding problems particularly

  • Permissions being given that shouldn't happen
  • Multiple option conditionals in a single rule resulting in wider permission instead of multiple rules
  • optional flags not being handled correctly
  • multiple backend rules being created out of one frontend rule when they shouldn't be

it does not address the backend issue of short cut permissions not being correctly updated when deny rules carve out permissions on an allow rule that has a short cut permission in the encoding.

Thanks to the additional work by Alexander Mikhalitsyn for beating this MR into shape so we can land it

Alexander Changelog:

  • rebased to an actual tree
  • addressed review comments from @wbumiller and @setharnold
  • fixed compiler warnings about class_mount_hdr is uninitialized
  • infinite loop fix
  • MS_MAKE_CMDS bitmask value fixed
  • fixed condition in gen_flag_rules to cover cases like mount options in (bind) /d -> /4, when flags are empty and only opt_flags are present
  • marked some tests as a FAIL case behavior was changed after parser: add conflicting flags check for options= conditionals commit
Edited by John Johansen

Merge request reports