tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

apparmor: verify permission table indexes

While the dfa xindex's are verified, the indexes in the permission
table are not currently verified. Fix this.

Signed-off-by: John Johansen <john.johansen@canonical.com>

John Johansen 670f3177 fd1b2b95

+34 -1
+34 -1
security/apparmor/policy_unpack.c
··· 781 781 *info = "failed to unpack profile transition table"; 782 782 goto fail; 783 783 } 784 - /* TODO: move compat mapping here, requires dfa merging first */ 785 784 785 + /* TODO: move compat mapping here, requires dfa merging first */ 786 + /* TODO: move verify here, it has to be done after compat mappings */ 786 787 out: 787 788 return 0; 788 789 ··· 1150 1149 return true; 1151 1150 } 1152 1151 1152 + static bool verify_perm_indexes(struct aa_policydb *pdb) 1153 + { 1154 + int i; 1155 + 1156 + for (i = 0; i < pdb->size; i++) { 1157 + if (pdb->perms[i].xindex >= pdb->trans.size) 1158 + return false; 1159 + if (pdb->perms[i].tag >= pdb->trans.size) 1160 + return false; 1161 + if (pdb->perms[i].label >= pdb->trans.size) 1162 + return false; 1163 + } 1164 + 1165 + return true; 1166 + } 1167 + 1153 1168 /** 1154 1169 * verify_profile - Do post unpack analysis to verify profile consistency 1155 1170 * @profile: profile to verify (NOT NULL) ··· 1184 1167 profile->policy.trans.size))) { 1185 1168 audit_iface(profile, NULL, NULL, 1186 1169 "Unpack: Invalid named transition", NULL, -EPROTO); 1170 + return -EPROTO; 1171 + } 1172 + 1173 + if (!verify_perm_indexes(&profile->file)) { 1174 + audit_iface(profile, NULL, NULL, 1175 + "Unpack: Invalid perm index", NULL, -EPROTO); 1176 + return -EPROTO; 1177 + } 1178 + if (!verify_perm_indexes(&profile->policy)) { 1179 + audit_iface(profile, NULL, NULL, 1180 + "Unpack: Invalid perm index", NULL, -EPROTO); 1181 + return -EPROTO; 1182 + } 1183 + if (!verify_perm_indexes(&profile->xmatch)) { 1184 + audit_iface(profile, NULL, NULL, 1185 + "Unpack: Invalid perm index", NULL, -EPROTO); 1187 1186 return -EPROTO; 1188 1187 } 1189 1188