[apparmor] [PATCH 09/36] apparmor: fix fs extry display for default profile
Seth Arnold
seth.arnold at canonical.com
Thu May 9 00:48:25 UTC 2013
On Wed, May 01, 2013 at 02:30:54PM -0700, John Johansen wrote:
> The default profile needs its replaced by information set as its on
> the profile list and will have an fs interface (and the fs interface
> files require a valid replacedby).
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> ---
> security/apparmor/policy.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
> index 333cbb7..a7e6bd9 100644
> --- a/security/apparmor/policy.c
> +++ b/security/apparmor/policy.c
> @@ -731,6 +731,9 @@ struct aa_profile *aa_setup_default_profile(void)
>
> profile->ns = aa_get_namespace(root_ns);
>
> + /* replacedby being set needed by fs interface */
> + rcu_assign_pointer(profile->replacedby->profile,
> + aa_get_profile(profile));
> __list_add_profile(&root_ns->base.profiles, profile);
>
> return profile;
Will aa_get_profile(profile) here cause an inability to ever free the
profile, say in case it is replaced?
I know this whole area is drastically changed in a later patch, but if
this is going to be part of a bisectable kernel tree, it'd be nice if
this wasn't terribly leaky. :)
This patch might profitably be merged with an earlier patch; it looks
like a necessary bugfix for something earlier.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130508/16bd6e2e/attachment.pgp>
More information about the AppArmor
mailing list