AppArmor: Fix dropping of allowed operations that are force audited

The audit permission flag, that specifies an audit message should be
provided when an operation is allowed, was being ignored in some cases.

This is because the auto audit mode (which determines the audit mode from
system flags) was incorrectly assigned the same value as audit mode. The
shared value would result in messages that should be audited going through
a second evaluation as to whether they should be audited based on the
auto audit, resulting in some messages being dropped.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>

diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index f3fafedd798a9abc9734b1e80379b05fe3892daa..61344b56722e3b0106dba2bfa44ff0ecd3ed80c1 100644 (file)
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -89,6 +89,7 @@ static char *aa_audit_type[] = {
        "STATUS",
        "ERROR",
        "KILLED"
+       "AUTO"
 };
 
 /*

diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 1951786d32e987a1b154a5124ca3894475376e4e..9317cd81416cb96ca9294a11b46d0d77f4ca8c16 100644 (file)
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -28,8 +28,6 @@ struct aa_profile;
 extern const char *audit_mode_names[];
 #define AUDIT_MAX_INDEX 5
 
-#define AUDIT_APPARMOR_AUTO 0  /* auto choose audit message type */
-
 enum audit_mode {
        AUDIT_NORMAL,           /* follow normal auditing of accesses */
        AUDIT_QUIET_DENIED,     /* quiet all denied access messages */
@@ -45,7 +43,8 @@ enum audit_type {
        AUDIT_APPARMOR_HINT,
        AUDIT_APPARMOR_STATUS,
        AUDIT_APPARMOR_ERROR,
-       AUDIT_APPARMOR_KILL
+       AUDIT_APPARMOR_KILL,
+       AUDIT_APPARMOR_AUTO
 };
 
 extern const char *op_table[];