leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1180b4c757
linux/security/apparmor
History
John Johansen 1180b4c757 apparmor: fix dangling symlinks to policy rawdata after replacement 
When policy replacement occurs the symlinks in the profile directory
need to be updated to point to the new rawdata, otherwise once the
old rawdata is removed the symlink becomes broken.

Fix this by dynamically generating the symlink everytime it is read.
These links are used enough that their value needs to be cached and
this way we can avoid needing locking to read and update the link
value.

Fixes: a481f4d917 ("apparmor: add custom apparmorfs that will be used by policy namespace files")
BugLink: http://bugs.launchpad.net/bugs/1755563
Signed-off-by: John Johansen <john.johansen@canonical.com>
2018-03-23 17:33:52 -07:00
..
include apparmor: remove POLICY_MEDIATES_SAFE 2018-03-13 17:25:49 -07:00
.gitignore apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
apparmorfs.c apparmor: fix dangling symlinks to policy rawdata after replacement 2018-03-23 17:33:52 -07:00
audit.c apparmor: switch from profiles to using labels on contexts 2017-06-10 17:11:38 -07:00
capability.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
crypto.c apparmor: use SHASH_DESC_ON_STACK 2017-04-07 08:58:35 +10:00
domain.c apparmor: fix error returns checks by making size a ssize_t 2018-03-23 17:25:25 -07:00
file.c apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
ipc.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
Kconfig apparmor: add debug assert AA_BUG and Kconfig to control debug info 2017-01-16 01:18:24 -08:00
label.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
lib.c apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
lsm.c apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
Makefile apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
match.c apparmor: Fix an error code in verify_table_headers() 2018-03-23 17:28:38 -07:00
mount.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
net.c apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
nulldfa.in apparmor: cleanup add proper line wrapping to nulldfa.in 2018-02-09 11:30:01 -08:00
path.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
policy_ns.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
policy_unpack.c apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
policy.c apparmor: convert attaching profiles via xattrs to use dfa matching 2018-02-09 11:30:02 -08:00
procattr.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
resource.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
secid.c apparmor: rename sid to secid 2017-01-16 00:42:17 -08:00
stacksplitdfa.in apparmor: use the dfa to do label parse string splitting 2018-02-09 11:30:01 -08:00
task.c apparmor: update domain transitions that are subsets of confinement at nnp 2018-02-09 11:30:01 -08:00