comment_cleanup.diff - small patch to cleanup a couple of comments

mangle_on_audit.diff - mangle pathnames when outputting an audit message

kernel-patches/for-mainline/comment_cleanup.diff

@@ -0,0 +1,29 @@
+---
+ security/apparmor/apparmor.h |    4 ++--
+ security/apparmor/main.c     |    2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/security/apparmor/apparmor.h
++++ b/security/apparmor/apparmor.h
+@@ -96,8 +96,8 @@ extern unsigned int apparmor_path_max;
+  * @count: reference count of the profile
+  *
+  * The AppArmor profile contains the basic confinement data.  Each profile
+- * has a name and potentially a list of profile entries. All profiles are
+- * on the profile_list.
++ * has a name and potentially a list of sub profile entries. All non stale
++ * profiles are on the profile_list.
+  *
+  * The task_contexts list and the isstale flag are protected by the
+  * profile lock.
+--- a/security/apparmor/main.c
++++ b/security/apparmor/main.c
+@@ -109,7 +109,7 @@ static int aa_link_denied(struct aa_prof
+  * 
+  * Escape special characters in @str, which must be contained in
+  * @buffer. The string grows towards @buffer. Returns a pointer
+- * to the quoted string, or ERR_PTR(-ENAMETOOLONG) upon failure.
++ * to the quoted string, or NULL upon failure.
+  */
+ static char *mangle(char *str, char *buffer)
+ {

kernel-patches/for-mainline/mangle_on_audit.diff

@@ -0,0 +1,271 @@
+---
+ security/apparmor/apparmor.h |    2 
+ security/apparmor/main.c     |  130 ++++++++++++++++++++++++++++++-------------
+ 2 files changed, 93 insertions(+), 39 deletions(-)
+
+--- a/security/apparmor/apparmor.h
++++ b/security/apparmor/apparmor.h
+@@ -164,6 +164,8 @@ struct aa_audit {
+ 	gfp_t gfp_mask;
+ 	int error_code;
+ 	const char *name;
++	char *buffer;
++	char *buffer2;
+ 	union {
+ 		int mask;
+ 		int capability;
+--- a/security/apparmor/main.c
++++ b/security/apparmor/main.c
+@@ -105,13 +105,17 @@ static int aa_link_denied(struct aa_prof
+ /**
+  * mangle -- escape special characters in str
+  * @str: string to escape
+- * @buffer: buffer containing str
+- * 
+- * Escape special characters in @str, which must be contained in
+- * @buffer. The string grows towards @buffer. Returns a pointer
+- * to the quoted string, or NULL upon failure.
++ * @buffer: buffer possibly containing str
++ *
++ * Escape special characters in @str, which may be contained in
++ * @buffer.  If @str is contained in @buffer it is assumed it is at the
++ * end of @buffer and the string is relocated to the beginning of @buffer.
++ * If @str is not contained in @buffer, @buffer must be large enough that
++ * escaping all special characters in @str will not overwrite the end of
++ * the buffer.
++ * Returns a pointer to the escaped string, NULL upon failure.
+  */
+-static char *mangle(char *str, char *buffer)
++static char *mangle(const char *str, char *buffer)
+ {
+ 	static const char c_escape[] = {
+ 		['\a'] = 'a',	['\b'] = 'b',
+@@ -132,6 +136,8 @@ static char *mangle(char *str, char *buf
+ 	return str;
+ 
+ escape:
++	if (!buffer)
++		return NULL;
+ 	for (s = str, t = buffer; (c = *s) != '\0'; s++) {
+ 		if (mangle_escape(c)) {
+ 			if (t == s)
+@@ -147,6 +153,31 @@ escape:
+ 	return buffer;
+ }
+ 
++
++/**
++ * mangle -- escape special characters in str
++ * @str: string to escape
++ * @buffer: buffer possibly containing str
++ *
++ * escape special characters in @str, which is contained in @buffer, if
++ * @buffer is not large enough it will be reallocated.
++ * returns pointer to escaped string or NULL upon failure.
++ */
++static char *mangle_buffer(const char *str, char **buffer)
++{
++	char *b = mangle(str, *buffer);
++	if (!b) {
++		b = kmalloc(strlen(str) * 2 + 1, GFP_KERNEL);
++		if (b) {
++			mangle(str, b);
++			kfree(*buffer);
++			*buffer = b;
++		}
++	}
++
++	return b;
++}
++
+ /**
+  * aa_get_name - compute the pathname of a file
+  * @dentry: dentry of the file
+@@ -193,16 +224,12 @@ static char *aa_get_name(struct dentry *
+ 				buf[size - 1] = '\0';
+ 			}
+ 
+-			name = mangle(name, buf);
+-			if (!name)
+-				goto grow_buffer;
+ 			*buffer = buf;
+ 			return name;
+ 		}
+ 		if (PTR_ERR(name) != -ENAMETOOLONG)
+ 			return name;
+ 
+-grow_buffer:
+ 		kfree(buf);
+ 		size <<= 1;
+ 		if (size > apparmor_path_max)
+@@ -233,10 +260,10 @@ static int aa_perm_dentry(struct aa_prof
+ 			  struct vfsmount *mnt, struct aa_audit *sa, int mask,
+ 			  int check)
+ {
+-	char *buffer = NULL;
+ 	int denied_mask, error;
+ 
+-	sa->name = aa_get_name(dentry, mnt, &buffer, check);
++	sa->buffer = NULL;
++	sa->name = aa_get_name(dentry, mnt, &sa->buffer, check);
+ 
+ 	if (IS_ERR(sa->name)) {
+ 		/*
+@@ -255,7 +282,7 @@ static int aa_perm_dentry(struct aa_prof
+ 
+ 	error = aa_audit(profile, sa);
+ 
+-	aa_put_name_buffer(buffer);
++	aa_put_name_buffer(sa->buffer);
+ 
+ 	return error;
+ }
+@@ -481,15 +508,18 @@ int aa_audit(struct aa_profile *profile,
+ 	switch(sa->type) {
+ 	case AA_AUDITTYPE_FILE: {
+ 		int perm = audit ? sa->mask : sa->error_code;
+-
++		char *mangled_name = mangle_buffer(sa->name, &sa->buffer);
++		if (!mangled_name) {
++			opspec_error = -ENOMEM;
++			break;
++		}
+ 		audit_log_format(ab, "%s%s%s%s%s access to %s ",
+ 				 perm & AA_EXEC_MMAP ? "m" : "",
+ 				 perm & MAY_READ  ? "r" : "",
+ 				 perm & MAY_WRITE ? "w" : "",
+ 				 perm & MAY_EXEC  ? "x" : "",
+ 				 perm & AA_MAY_LINK  ? "l" : "",
+-				 sa->name);
+-
++				 mangled_name);
+ 		opspec_error = -EPERM;
+ 		break;
+ 	}
+@@ -516,10 +546,16 @@ int aa_audit(struct aa_profile *profile,
+ 	case AA_AUDITTYPE_XATTR:
+ 		audit_log_format(ab, "%s on %s ", sa->name2, sa->name);
+ 		break;
+-	case AA_AUDITTYPE_LINK:
+-		audit_log_format(ab, "link access from %s to %s ", sa->name,
+-			sa->name2);
++	case AA_AUDITTYPE_LINK: {
++		char *link_name = mangle_buffer(sa->name, &sa->buffer);
++		char *target_name = mangle_buffer(sa->name2, sa->buffer2);
++		if (link_name && target_name)
++			audit_log_format(ab, "link access from %s to %s ",
++					 link_name, target_name);
++		else
++			opspec_error = -ENOMEM;
+ 		break;
++	}
+ 	case AA_AUDITTYPE_CAP:
+ 		audit_log_format(ab, "access to capability '%s' ",
+ 			capability_names[sa->capability]);
+@@ -741,12 +777,12 @@ int aa_link(struct aa_profile *profile,
+ 	    struct dentry *link, struct vfsmount *link_mnt,
+ 	    struct dentry *target, struct vfsmount *target_mnt)
+ {
+-	char *name_buffer = NULL, *name2_buffer = NULL;
+ 	int denied_mask = -EPERM, error;
+ 	struct aa_audit sa;
+ 
+-	sa.name = aa_get_name(link, link_mnt, &name_buffer, 0);
+-	sa.name2 = aa_get_name(target, target_mnt, &name2_buffer, 0);
++	sa.buffer = sa.buffer2 = NULL;
++	sa.name = aa_get_name(link, link_mnt, &sa.buffer, 0);
++	sa.name2 = aa_get_name(target, target_mnt, &sa.buffer2, 0);
+ 
+ 	if (IS_ERR(sa.name)) {
+ 		denied_mask = PTR_ERR(sa.name);
+@@ -768,8 +804,8 @@ int aa_link(struct aa_profile *profile,
+ 
+ 	error = aa_audit(profile, &sa);
+ 
+-	aa_put_name_buffer(name_buffer);
+-	aa_put_name_buffer(name2_buffer);
++	aa_put_name_buffer(sa.buffer);
++	aa_put_name_buffer(sa.buffer2);
+ 
+ 	return error;
+ }
+@@ -828,8 +864,8 @@ repeat:
+ }
+ 
+ static struct aa_profile *
+-aa_register_find(struct aa_profile *profile, const char *name, int mandatory,
+-		 int complain)
++aa_register_find(struct aa_profile *profile, const char *name, char **buffer,
++		 int mandatory, int complain)
+ {
+ 	struct aa_profile *new_profile;
+ 
+@@ -840,15 +876,25 @@ aa_register_find(struct aa_profile *prof
+ 			 __FUNCTION__, new_profile->name);
+ 	} else if (mandatory && profile) {
+ 		if (complain) {
++			char *mangled_name, *b = NULL;
++			mangled_name = mangle_buffer(name, &b);
++			if (!mangled_name)
++				return ERR_PTR(-ENOMEM);
+ 			LOG_HINT(profile, GFP_KERNEL, HINT_MANDPROF,
+-				 "image '%s'", name);
++				 "image '%s'", mangled_name);
++			kfree(b);
+ 			profile = aa_dup_profile(null_complain_profile);
+ 		} else {
+-			AA_REJECT_MSG(profile, GFP_KERNEL,
+-				      "exec(2) of image '%s'. "
+-				      "Profile mandatory and not found.",
+-				      name);
+-			return ERR_PTR(-EPERM);
++			char *b = mangle_buffer(name, buffer);
++			if (b) {
++				AA_REJECT_MSG(profile, GFP_KERNEL,
++					      "exec(2) of image '%s'. Profile "
++					      "mandatory and not found.",
++					      b);
++				return ERR_PTR(-EPERM);
++			} else {
++				return ERR_PTR(-ENOMEM);
++			}
+ 		}
+ 	} else {
+ 		/* Only way we can get into this code is if task
+@@ -916,7 +962,8 @@ repeat:
+ 					 __FUNCTION__,
+ 					 filename);
+ 				new_profile = aa_register_find(profile,
+-							       filename, 1,
++							       filename,
++							       &buffer, 1,
+ 							       complain);
+ 				break;
+ 
+@@ -941,15 +988,20 @@ repeat:
+ 			new_profile = aa_dup_profile(null_complain_profile);
+ 			exec_mode |= AA_EXEC_UNSAFE;
+ 		} else {
+-			AA_REJECT_MSG(profile, GFP_KERNEL,
+-				      "exec(2) of image '%s'. "
+-				      "Unable to determine exec qualifier.",
+-				      filename);
+-			new_profile = ERR_PTR(-EPERM);
++			const char *name = mangle_buffer(filename, &buffer);
++			if (name) {
++				AA_REJECT_MSG(profile, GFP_KERNEL,
++					      "exec(2) of image '%s'. Unable "
++					      "to determine exec qualifier.",
++					      name);
++				new_profile = ERR_PTR(-EPERM);
++			} else {
++				new_profile = ERR_PTR(-ENOMEM);
++			}
+ 		}
+ 	} else {
+ 		/* Unconfined task, load profile if it exists */
+-		new_profile = aa_register_find(NULL, filename, 0, 0);
++		new_profile = aa_register_find(NULL, filename, &buffer, 0, 0);
+ 		if (new_profile == NULL)
+ 			goto cleanup;
+ 	}

kernel-patches/for-mainline/series

@@ -41,11 +41,14 @@ apparmor-module_interface.diff
 apparmor-misc.diff
 apparmor-intree.diff
 apparmor-del-comm.diff
+comment_cleanup.diff
+mangle_on_audit.diff
 do_path_lookup-nameidata.diff
 sys_fchdir-nameidata.diff
 file_permission-nameidata.diff
 # NOT YET
 leaf.diff
+fix_leaf.diff
 nfsd_permission-nameidata.diff
 ecryptfs-d_revalidate.diff
 # statvfs.diff