review.tizen.org Git - platform/kernel/linux-rpi.git/commit

apparmor: Fix regression in mount mediation

[ Upstream commit 157a3537d6bc28ceb9a11fc8cb67f2152d860146 ]

commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")

introduced a new move_mount(2) system call and a corresponding new LSM
security_move_mount hook but did not implement this hook for any
existing LSM. This creates a regression for AppArmor mediation of
mount. This patch provides a base mapping of the move_mount syscall to
the existing mount mediation. In the future we may introduce
additional mediations around the new mount calls.

Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
CC: stable@vger.kernel.org
Reported-by: Andreas Steinmetz <anstein99@googlemail.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

author	John Johansen <john.johansen@canonical.com>
	Sun, 10 Sep 2023 10:35:22 +0000 (03:35 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 28 Nov 2023 17:20:07 +0000 (17:20 +0000)
commit	96af45154a0be30485ad07f70f852b1456cb13d7
tree	5d04b1a790eb07205dc34a14e1959dc4f6c817fc	tree \| snapshot
parent	690f33e1edf5cd996b54094409de0067ae3fa216	commit \| diff

security/apparmor/include/mount.h		diff \| blob \| history
security/apparmor/lsm.c		diff \| blob \| history
security/apparmor/mount.c		diff \| blob \| history