path: root/security/apparmor/domain.c
diff options
authorChristian Brauner <>2021-01-21 14:19:44 +0100
committerChristian Brauner <>2021-01-24 14:27:20 +0100
commit3cee6079f62f4d3a37d9dda2e0851677e08028ff (patch)
treed06df042d5feaadad59ccd3c53f7611740db0f3e /security/apparmor/domain.c
parent549c7297717c32ee53f156cd949e055e601f67bb (diff)
apparmor: handle idmapped mounts
The i_uid and i_gid are mostly used when logging for AppArmor. This is broken in a bunch of places where the global root id is reported instead of the i_uid or i_gid of the file. Nonetheless, be kind and log the mapped inode if we're coming from an idmapped mount. If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before. Link: Signed-off-by: Christian Brauner <>
Diffstat (limited to 'security/apparmor/domain.c')
1 files changed, 6 insertions, 3 deletions
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 16f184bc48de..583680f6cd81 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -10,12 +10,14 @@
#include <linux/errno.h>
#include <linux/fdtable.h>
+#include <linux/fs.h>
#include <linux/file.h>
#include <linux/mount.h>
#include <linux/syscalls.h>
#include <linux/tracehook.h>
#include <linux/personality.h>
#include <linux/xattr.h>
+#include <linux/user_namespace.h>
#include "include/audit.h"
#include "include/apparmorfs.h"
@@ -858,8 +860,10 @@ int apparmor_bprm_creds_for_exec(struct linux_binprm *bprm)
const char *info = NULL;
int error = 0;
bool unsafe = false;
+ kuid_t i_uid = i_uid_into_mnt(file_mnt_user_ns(bprm->file),
+ file_inode(bprm->file));
struct path_cond cond = {
- file_inode(bprm->file)->i_uid,
+ i_uid,
@@ -967,8 +971,7 @@ audit:
error = fn_for_each(label, profile,
aa_audit_file(profile, &nullperms, OP_EXEC, MAY_EXEC,
bprm->filename, NULL, new,
- file_inode(bprm->file)->i_uid, info,
- error));
+ i_uid, info, error));
goto done;