From patchwork Wed Oct 25 12:31:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Johansen X-Patchwork-Id: 1855043 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4SFpGm0TXjz23jh for ; Wed, 25 Oct 2023 23:32:31 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1qvd3d-0005HD-Rb; Wed, 25 Oct 2023 12:32:21 +0000 Received: from smtp-relay-canonical-1.internal ([10.131.114.174] helo=smtp-relay-canonical-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1qvd33-00059P-2Y for kernel-team@lists.ubuntu.com; Wed, 25 Oct 2023 12:31:48 +0000 Received: from canonical.com (unknown [50.39.103.33]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-canonical-1.canonical.com (Postfix) with ESMTPSA id 652C042737 for ; Wed, 25 Oct 2023 12:31:44 +0000 (UTC) From: John Johansen To: kernel-team@lists.ubuntu.com Subject: [PATCH 2/4] UBUNTU: SAUCE: apparmor: fix notification header size Date: Wed, 25 Oct 2023 05:31:28 -0700 Message-Id: <20231025123130.2751944-3-john.johansen@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231025123130.2751944-1-john.johansen@canonical.com> References: <20231025123130.2751944-1-john.johansen@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/2040250 When strings are appended to the notification the header size should be updated to reflect the correct size. While the size is also directly returned as part of delivering the notification, the header should also be update to conform to specification and allow for verification. If verification is enabled and the notification contains appended strings then notifications fail verification and won't be delivered. Fixes: 9a3b87d8b9a0 ("UBUNTU: SAUCE: apparmor4.0.0 [64/76]: prompt - rework build to use append fn, to simplify adding strings") Signed-off-by: John Johansen --- security/apparmor/notify.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security/apparmor/notify.c b/security/apparmor/notify.c index 63d0e03b429a..e1c5697f79c7 100644 --- a/security/apparmor/notify.c +++ b/security/apparmor/notify.c @@ -975,6 +975,9 @@ static long build_v3_unotif(struct aa_knotif *knotif, void __user *buf, if (!build_append_str(buf, pos, max_size, knotif->ad->name, unotif.file.name, size)) return size; + + /* set size after appending strings */ + unotif.common.len = size; /* now the struct, at the start of user mem */ if (copy_to_user(buf, &unotif, sizeof(unotif))) return -EFAULT;