On 09/17/2018 02:56 PM, Nathan Chancellor wrote:
> On Mon, Sep 17, 2018 at 11:37:54PM +0200, Greg KH wrote:
>> On Mon, Sep 17, 2018 at 11:15:42PM +0200, Greg KH wrote:
>>> On Mon, Sep 17, 2018 at 09:45:47PM +0200, Loic wrote:
>>>> On Mon, 17 Sep 2018 15:58:56 +0200
>>>> Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>>>>
>>>>> On Sun, Sep 09, 2018 at 04:04:18PM +0200, Loic wrote:
>>>>>> Hello,
>>>>>>
>>>>>> Tested without any problem so please picked up this for 4.4 to fix the
>>>>>> problem.
>>>>>> The patch below is slightly modified to adapt to this version.
>>>>>>
>>>>>> [ Upstream commit 7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 ]
>>>>>>
>>>>>> The newly added Kconfig option could never work and just causes a build
>>>>>> error
>>>>>> when disabled:
>>>>>>
>>>>>> security/apparmor/lsm.c:675:25: error:
>>>>>> 'CONFIG_SECURITY_APPARMOR_HASH_DEFAULT' undeclared here (not in a function)
>>>>>> bool aa_g_hash_policy = CONFIG_SECURITY_APPARMOR_HASH_DEFAULT;
>>>>>>
>>>>>> The problem is that the macro undefined in this case, and we need to use the
>>>>>> IS_ENABLED()
>>>>>> helper to turn it into a boolean constant.
>>>>>>
>>>>>> Another minor problem with the original patch is that the option is even
>>>>>> offered
>>>>>> in sysfs when SECURITY_APPARMOR_HASH is not enabled, so this also hides the
>>>>>> option
>>>>>> in that case.
>>>>>>
>>>>>> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
>>>>>> Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy
>>>>>> hashing is used")
>>>>>> Signed-off-by: John Johansen <john.johansen@xxxxxxxxxxxxx>
>>>>>> Signed-off-by: James Morris <james.l.morris@xxxxxxxxxx>
>>>>>> ---
>>>>>> diff -Nurp a/security/apparmor/crypto.c b/security/apparmor/crypto.c
>>>>>> --- a/security/apparmor/crypto.c
>>>>>> +++ b/security/apparmor/crypto.c
>>>>>> @@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profi
>>>>>> int error = -ENOMEM;
>>>>>> u32 le32_version = cpu_to_le32(version);
>>>>>>
>>>>>> + if (!aa_g_hash_policy)
>>>>>> + return 0;
>>>>>> +
>>>>>> if (!apparmor_tfm)
>>>>>> return 0;
>>>>>>
>>>>>> diff -Nurp a/security/apparmor/lsm.c b/security/apparmor/lsm.c
>>>>>> --- a/security/apparmor/lsm.c
>>>>>> +++ b/security/apparmor/lsm.c
>>>>>> @@ -692,6 +692,12 @@ enum profile_mode aa_g_profile_mode = AP
>>>>>> module_param_call(mode, param_set_mode, param_get_mode,
>>>>>> &aa_g_profile_mode, S_IRUSR | S_IWUSR);
>>>>>>
>>>>>> +#ifdef CONFIG_SECURITY_APPARMOR_HASH
>>>>>> +/* whether policy verification hashing is enabled */
>>>>>> +bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
>>>>>> +module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR |
>>>>>> S_IWUSR);
>>>>>> +#endif
>>>>>> +
>>>>>> /* Debug mode */
>>>>>> bool aa_g_debug;
>>>>>> module_param_named(debug, aa_g_debug, aabool, S_IRUSR | S_IWUSR);
>>>>>> ---
>>>>>
>>>>> The patch is whitespace corrupted and can not be applied :(
>>>>
>>>> Sorry, I noticed the problem afterwards. I opened a bug report to try to fix my mail client:
>>>> https://github.com/roundcube/roundcubemail/issues/6438
>>>>
>>>>>
>>>>> Can you fix that up and resend it so that I can apply it?
>>>>
>>>> No problem. Thanks for all.
>>>>
>>>> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
>>>> Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy hashing is used")
>>>> Signed-off-by: John Johansen <john.johansen@xxxxxxxxxxxxx>
>>>> Signed-off-by: James Morris <james.l.morris@xxxxxxxxxx>
>>>> ---
>>>> diff -Nurp a/security/apparmor/crypto.c b/security/apparmor/crypto.c
>>>> --- a/security/apparmor/crypto.c
>>>> +++ b/security/apparmor/crypto.c
>>>> @@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profi
>>>> int error = -ENOMEM;
>>>> u32 le32_version = cpu_to_le32(version);
>>>>
>>>> + if (!aa_g_hash_policy)
>>>> + return 0;
>>>> +
>>>> if (!apparmor_tfm)
>>>> return 0;
>>>>
>>>> diff -Nurp a/security/apparmor/lsm.c b/security/apparmor/lsm.c
>>>> --- a/security/apparmor/lsm.c
>>>> +++ b/security/apparmor/lsm.c
>>>> @@ -692,6 +694,12 @@ enum profile_mode aa_g_profile_mode = AP
>>>> module_param_call(mode, param_set_mode, param_get_mode,
>>>> &aa_g_profile_mode, S_IRUSR | S_IWUSR);
>>>>
>>>> +#ifdef CONFIG_SECURITY_APPARMOR_HASH
>>>> +/* whether policy verification hashing is enabled */
>>>> +bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
>>>> +module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR | S_IWUSR);
>>>> +#endif
>>>> +
>>>> /* Debug mode */
>>>> bool aa_g_debug;
>>>> module_param_named(debug, aa_g_debug, aabool, S_IRUSR | S_IWUSR);
>>>
>>> THanks, that worked, now queued up.
>>
>> And dropped as this patch broke the build. I'm guessing this really
>> isn't needed if you didn't even test it worked :(
>>
>> Please fix all of this up, test it properly, and then send it as a
>> "clean" patch that I can apply easily.
>>
>> thanks,
>>
>> greg k-h
>
> Commit 6059f71f1e94 ("apparmor: add parameter to control whether policy
> hashing is used") didn't even come in until 4.8 and SECURITY_APPARMOR_HASH_DEFAULT
> isn't defined anywhere in 4.4. Fairly certain this isn't needed at all.
>
Sorry when I did my initial check on the patch backport deviating from
the upstream patch I didn't build test (assumed that had already been
done my bad), nor did I look into if it was valid (also my bad). I
should have.
I agree with your assessment, this isn't needed. 4.4 does not have
the kconfig nor code that uses it. The patch can be fixed, but
including it would be a feature backport not a bug fix like it was for
4.8 kernels.
Greg do not take this patch. I am sorry I wasted you time by missing
this on my initial check.
