diff options
author | Greg Kroah-Hartman <gregkh@suse.de> | 2011-06-01 16:53:34 +0900 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-06-01 16:53:34 +0900 |
commit | 85fe7f6b3f4e5afd856dfaf00b8513207013539a (patch) | |
tree | ffc23a1d7260168234a65c0baf60176c95cb83d1 | |
parent | d447d9c6907fc13668b0941aed03df81e90d9a3e (diff) | |
download | stable-queue-85fe7f6b3f4e5afd856dfaf00b8513207013539a.tar.gz |
.39 patches
-rw-r--r-- | queue-2.6.39/apparmor-fix-oops-in-apparmor_setprocattr.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/queue-2.6.39/apparmor-fix-oops-in-apparmor_setprocattr.patch b/queue-2.6.39/apparmor-fix-oops-in-apparmor_setprocattr.patch new file mode 100644 index 0000000000..d00d72ecc9 --- /dev/null +++ b/queue-2.6.39/apparmor-fix-oops-in-apparmor_setprocattr.patch @@ -0,0 +1,38 @@ +From a5b2c5b2ad5853591a6cac6134cd0f599a720865 Mon Sep 17 00:00:00 2001 +From: Kees Cook <kees.cook@canonical.com> +Date: Tue, 31 May 2011 11:31:41 -0700 +Subject: AppArmor: fix oops in apparmor_setprocattr + +From: Kees Cook <kees.cook@canonical.com> + +commit a5b2c5b2ad5853591a6cac6134cd0f599a720865 upstream. + +When invalid parameters are passed to apparmor_setprocattr a NULL deref +oops occurs when it tries to record an audit message. This is because +it is passing NULL for the profile parameter for aa_audit. But aa_audit +now requires that the profile passed is not NULL. + +Fix this by passing the current profile on the task that is trying to +setprocattr. + +Signed-off-by: Kees Cook <kees@ubuntu.com> +Signed-off-by: John Johansen <john.johansen@canonical.com> +Signed-off-by: James Morris <jmorris@namei.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + security/apparmor/lsm.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/security/apparmor/lsm.c ++++ b/security/apparmor/lsm.c +@@ -593,7 +593,8 @@ static int apparmor_setprocattr(struct t + sa.aad.op = OP_SETPROCATTR; + sa.aad.info = name; + sa.aad.error = -EINVAL; +- return aa_audit(AUDIT_APPARMOR_DENIED, NULL, GFP_KERNEL, ++ return aa_audit(AUDIT_APPARMOR_DENIED, ++ __aa_current_profile(), GFP_KERNEL, + &sa, NULL); + } + } else if (strcmp(name, "exec") == 0) { |