[PATCH 1/5] UBUNTU: SAUCE: AppArmor: Fix oops after profile removal

John Johansen john.johansen at canonical.com
Wed Nov 11 16:11:59 UTC 2009

Stefan Bader wrote:
> So the problem arises as aa_profile_newest() would return NULL when being
> called with replacedby being an error_ptr. And aa_profile_newest() is often
> called as producer of the argument to aa_filtered_profile() which tries to
> access profile->flags without checking for a NULL pointer.
> When using a generic profile (I just assume it is) instead,
> is there danger of accidentally dropping it in free_aa_profile()?
>         if (profile->replacedby && !PTR_ERR(profile->replacedby))
>                 aa_put_profile(profile->replacedby);
No, I could have dropped that in the patch as well as the PTR_ERR stuff in newest profile.  There is always a valid profile present most of the time the namespace->unconfined profile.  It used to be that NULL or ERR_PTR was used but that didn't allow tracking of which namespace a task was in.

I went for the absolute minimum patch for karmic and cleaned up the PTR_ERR in the upstream version, I can post that instead if you would like.


More information about the kernel-team mailing list