On 8/28/24 15:24, Ryan Lee wrote:
The wording of 'scrubbing environment' implied that all environment
variables would be removed, when instead secure-execution mode only
removes a small number of environment variables. This patch updates the
wording to describe what actually occurs instead: setting AT_SECURE for
ld.so's secure-execution mode.
Link: https://gitlab.com/apparmor/apparmor/-/merge_requests/1315 is a
merge request that does similar updating for apparmor userspace.
Signed-off-by: Ryan Lee <ryan....@canonical.com>
Acked-by: John Johansen <john.johan...@canonical.com>
I have pulled this into my tree
---
security/apparmor/domain.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 9914a2b130de..c89f4222f2e9 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -720,8 +720,8 @@ static struct aa_label *profile_transition(const struct
cred *subj_cred,
if (!(perms.xindex & AA_X_UNSAFE)) {
if (DEBUG_ON) {
- dbg_printk("apparmor: scrubbing environment variables"
- " for %s profile=", name);
+ dbg_printk("apparmor: setting AT_SECURE "
+ "for %s profile=", name);
aa_label_printk(new, GFP_KERNEL);
dbg_printk("\n");
}
@@ -799,8 +799,8 @@ static int profile_onexec(const struct cred *subj_cred,
if (!(perms.xindex & AA_X_UNSAFE)) {
if (DEBUG_ON) {
- dbg_printk("apparmor: scrubbing environment "
- "variables for %s label=", xname);
+ dbg_printk("apparmor: setting AT_SECURE for "
+ "%s label=", xname);
aa_label_printk(onexec, GFP_KERNEL);
dbg_printk("\n");
}
@@ -970,7 +970,7 @@ int apparmor_bprm_creds_for_exec(struct linux_binprm *bprm)
if (unsafe) {
if (DEBUG_ON) {
- dbg_printk("scrubbing environment variables for %s "
+ dbg_printk("setting AT_SECURE for %s "
"label=", bprm->filename);
aa_label_printk(new, GFP_KERNEL);
dbg_printk("\n");
