From 5e6d82089b99dca7af43dab330505a690e5643f9 Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Mon, 21 Aug 2023 16:54:58 -0700
Subject: [PATCH] UBUNTU: SAUCE: apparmor4.0.0 [83/90]: apparmor: add support
 for profiles to define the kill signal

BugLink: http://bugs.launchpad.net/bugs/2028253

Previously apparmor has only sent SIGKILL but there are cases where
it can be useful to send a different signal. Allow the profile
to optionally specify a different value.

Signed-off-by: John Johansen <john.johansen@canonical.com>
(cherry picked from commit 22763bfcc93238f352eca731fae8a25d21aa4683
https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
 security/apparmor/apparmorfs.c        |  1 +
 security/apparmor/audit.c             |  2 +-
 security/apparmor/include/ipc.h       |  3 +++
 security/apparmor/include/policy.h    |  1 +
 security/apparmor/include/sig_names.h |  6 +-----
 security/apparmor/include/signal.h    | 19 +++++++++++++++++++
 security/apparmor/policy.c            |  1 +
 security/apparmor/policy_unpack.c     |  7 +++++++
 8 files changed, 34 insertions(+), 6 deletions(-)
 create mode 100644 security/apparmor/include/signal.h

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 8f79813492bf..c09cfdf1b62c 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2579,6 +2579,7 @@ static struct aa_sfs_entry aa_sfs_entry_domain[] = {
 	AA_SFS_DIR("attach_conditions",		aa_sfs_entry_attach),
 	AA_SFS_FILE_BOOLEAN("interruptible",		1),
 	AA_SFS_FILE_BOOLEAN("disconnected.path",            1),
+	AA_SFS_FILE_BOOLEAN("kill.signal",		1),
 	AA_SFS_FILE_STRING("version", "1.2"),
 	{ }
 };
diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index cda85bc25a88..f9f611333a12 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -192,7 +192,7 @@ int aa_audit(int type, struct aa_profile *profile,
 	aa_audit_msg(type, ad, cb);
 
 	if (ad->type == AUDIT_APPARMOR_KILL)
-		(void)send_sig_info(SIGKILL, NULL,
+		(void)send_sig_info(profile->signal, NULL,
 			ad->common.type == LSM_AUDIT_DATA_TASK &&
 			ad->common.u.tsk ? ad->common.u.tsk : current);
 
diff --git a/security/apparmor/include/ipc.h b/security/apparmor/include/ipc.h
index f15d6a480e6a..9df8563a4de5 100644
--- a/security/apparmor/include/ipc.h
+++ b/security/apparmor/include/ipc.h
@@ -17,6 +17,9 @@
 #include "inode.h"
 #include "perms.h"
 
+#define SIGUNKNOWN 0
+#define MAXMAPPED_SIG 35
+
 struct aa_msg_sec {
 	struct aa_label *label;
 };
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index 9052ad0acedf..d5aeb7b71d29 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -245,6 +245,7 @@ struct aa_profile {
 	enum audit_mode audit;
 	long mode;
 	u32 path_flags;
+	int signal;
 	const char *disconnected;
 
 	struct aa_attachment attach;
diff --git a/security/apparmor/include/sig_names.h b/security/apparmor/include/sig_names.h
index cbf7a997ed84..c772668cdc62 100644
--- a/security/apparmor/include/sig_names.h
+++ b/security/apparmor/include/sig_names.h
@@ -1,9 +1,5 @@
 #include <linux/signal.h>
-
-#define SIGUNKNOWN 0
-#define MAXMAPPED_SIG 35
-#define MAXMAPPED_SIGNAME (MAXMAPPED_SIG + 1)
-#define SIGRT_BASE 128
+#include "signal.h"
 
 /* provide a mapping of arch signal to internal signal # for mediation
  * those that are always an alias SIGCLD for SIGCLHD and SIGPOLL for SIGIO
diff --git a/security/apparmor/include/signal.h b/security/apparmor/include/signal.h
new file mode 100644
index 000000000000..729763fa7ce6
--- /dev/null
+++ b/security/apparmor/include/signal.h
@@ -0,0 +1,19 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * AppArmor security module
+ *
+ * This file contains AppArmor ipc mediation function definitions.
+ *
+ * Copyright 2023 Canonical Ltd.
+ */
+
+#ifndef __AA_SIGNAL_H
+#define __AA_SIGNAL_H
+
+#define SIGUNKNOWN 0
+#define MAXMAPPED_SIG 35
+
+#define MAXMAPPED_SIGNAME (MAXMAPPED_SIG + 1)
+#define SIGRT_BASE 128
+
+#endif /* __AA_SIGNAL_H */
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 8147c7c36edf..f503dcd3ac74 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -371,6 +371,7 @@ struct aa_profile *aa_alloc_profile(const char *hname, struct aa_proxy *proxy,
 	profile->label.flags |= FLAG_PROFILE;
 	profile->label.vec[0] = profile;
 
+	profile->signal = SIGKILL;
 	aa_audit_cache_init(&profile->learning_cache);
 
 	/* refcount released by caller */
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index cbf2d3c29c4a..44e69e06e0aa 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -29,6 +29,7 @@
 #include "include/policy.h"
 #include "include/policy_unpack.h"
 #include "include/policy_compat.h"
+#include "include/signal.h"
 
 /* audit callback for unpack fields */
 static void audit_cb(struct audit_buffer *ab, void *va)
@@ -918,6 +919,12 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
 	(void) aa_unpack_strdup(e, &disconnected, "disconnected");
 	profile->disconnected = disconnected;
 
+	/* optional */
+	(void) aa_unpack_u32(e, &profile->signal, "kill");
+	if (profile->signal < 1 && profile->signal > MAXMAPPED_SIG) {
+		info = "profile kill.signal invalid value";
+		goto fail;
+	}
 	/* per profile debug flags (complain, audit) */
 	if (!aa_unpack_nameX(e, AA_STRUCT, "flags")) {
 		info = "profile missing flags";