AppArmor running on RHEL/CentOS kernels

README

===============================================================================

AppArmor kmod for RHEL/CentOS 7

===============================================================================

PRE-ALPHA CODE!!

This code does compile and load, but functionality is extremely limited while
development is ongoing as I have spare time. If you'd like to contribute, I
will graciously accept pull requests.

Goals to enter alpha:

DONE:
* get this module to compile and load
* module unloads without causing issues
* init each running task with an unconfined policy at load time

IN PROGRESS - HAVING TROUBLE!
* properly handle cred_prepare and cred_free (aa_dup_task_context)

NOT STARTED:
* find/hook the symbols involved in the missing CONFIG_SECURITY_PATH

Goals to enter beta:

* module loads at boot time
* assigns a proper profile to all running processes at load time
* if SELINUX=disabled, still load and work, but issue a warning in the logs
* port a basic upstream policy that functions on a GNOME desktop

===============================================================================

About this module

AppArmor is a Linux Security Module that's meant to be built into the kernel
itself, and was designed to only allow one security framework to be loaded at
a time. As such, if your kernel loads another LSM instead (such as SELinux)
then you're out of luck and can't use AppArmor... or can you?

===============================================================================

Supported Kernels

 - RHEL/CentOS 7 (linux-3.10.0)

This project is following the above pre-packaged enterprise kernel because it
has a stable kABI and doesn't use AppArmor.

===============================================================================

How it works

This module makes use of the kernel ftrace framework. In a nutshell, ftrace is
in charge of the first few bytes of most kernel symbols, and can redirect them
to other addresses. This module instructs ftrace to redirect security handlers
to kmod code, which then decides whether it's appropriate to continue or not.

As such, the AppArmor logic runs first, but still allows the SELinux code to
function as well.

===============================================================================

Compatibility Issues

Kernel modules that make use of kernel tracing (ftrace, kprobes, etc.) may
conflict with this module if they touch the same kernel symbols. The only ones
I know of are "tpe-lkm" (this module's sister project) and "kpatch".

This module will not work on systems where loadable kernel module support is
disabled at compile time (CONFIG_MODULES not being set).

This module requires many LSM hooks in order to work, and will error out when
security is disabled at compile time (CONFIG_SECURITY not being set).
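A pre-flight script that checks the build-time requirements and module conflicts named above before you try to load the kmod. This is an added example, not part of the project; the ftrace option names (CONFIG_FUNCTION_TRACER, CONFIG_DYNAMIC_FTRACE) and the loaded-module names (kpatch*, tpe) are assumptions about what the ftrace-based hooking needs and what the sister projects are called.

```shell
#!/bin/sh
# Pre-flight check for the AppArmor kmod (added example, not project code).
# Requirements from the README: CONFIG_MODULES and CONFIG_SECURITY are hard
# requirements; CONFIG_SECURITY_PATH hooks are still unhooked. The two ftrace
# options are an assumption about what redirecting symbols via ftrace needs.

# kconfig_check CONFIG_FILE -> prints a report; returns 0 only if every hard
# requirement is set in the given kernel config file
kconfig_check() {
    cfg="$1"
    rc=0
    for opt in CONFIG_MODULES CONFIG_SECURITY \
               CONFIG_FUNCTION_TRACER CONFIG_DYNAMIC_FTRACE; do
        if grep -q "^${opt}=y" "$cfg"; then
            echo "ok       $opt"
        else
            echo "MISSING  $opt"
            rc=1
        fi
    done
    # Soft requirement: the module does not yet hook the path-based LSM hooks.
    if grep -q '^CONFIG_SECURITY_PATH=y' "$cfg"; then
        echo "ok       CONFIG_SECURITY_PATH (path hooks still unhooked by the kmod)"
    else
        echo "warn     CONFIG_SECURITY_PATH not set"
    fi
    return $rc
}

# conflict_check LSMOD_OUTPUT -> returns 1 if a module that also hooks kernel
# symbols via ftrace (kpatch or tpe-lkm; names assumed) is currently loaded
conflict_check() {
    found=$(printf '%s\n' "$1" | awk 'NR > 1 && ($1 ~ /^kpatch/ || $1 == "tpe") { print $1 }')
    if [ -n "$found" ]; then
        for mod in $found; do
            echo "CONFLICT $mod is loaded and may hook the same symbols"
        done
        return 1
    fi
    echo "ok       no known ftrace-hooking modules loaded"
    return 0
}
```

Source the script and run `kconfig_check "/boot/config-$(uname -r)" && conflict_check "$(lsmod)"` on the target box; a non-zero exit from either means the README says loading will fail or may conflict.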

===============================================================================

BUGS

Lots. This is pre-alpha code. Use at your own risk!

===============================================================================

 - kpatch - https://github.com/dynup/kpatch

Looking at the kpatch implementation, I was able to build the framework that
makes loading a security module in this manner possible.

 - tpe-lkm - https://github.com/cormander/tpe-lkm

The use of the ftrace framework (fopskit) was initially developed in tpe-lkm.

===============================================================================

About the Author

website: http://cormander.com/
github: https://github.com/cormander/
email: corman /AT/ cormander /DOT/ com

===============================================================================