[PATCH 1/5] UBUNTU: SAUCE: AppArmor: Fix oops after profile removal

John Johansen john.johansen at canonical.com
Wed Nov 11 16:11:59 UTC 2009


Stefan Bader wrote:
> So the problem arises as aa_profile_newest() would return NULL when being
> called with replacedby being an error_ptr. And aa_profile_newest() is often
> called as producer of the argument to aa_filtered_profile() which tries to
> access profile->flags without checking for a NULL pointer.
> When using a generic profile (I just assume it is) instead,
> is there danger of accidentally dropping it in free_aa_profile()?
> 
>         if (profile->replacedby && !PTR_ERR(profile->replacedby))
>                 aa_put_profile(profile->replacedby);
> 
No, I could have dropped that in the patch as well as the PTR_ERR stuff in newest profile. There is always a valid profile present, most of the time the namespace->unconfined profile. It used to be that NULL or ERR_PTR was used, but that didn't allow tracking of which namespace a task was in.

I went for the absolute minimum patch for karmic and cleaned up the PTR_ERR in the upstream version; I can post that instead if you would like.

john
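
A user-space model of the two conventions discussed in this thread, added here as an illustration; it is not the AppArmor code or the patch. The struct layout, the function names and the sample flag values are hypothetical, and the ERR_PTR helpers are stand-ins for the kernel macros.

```c
#include <stddef.h>
#include <stdint.h>
/* User-space stand-ins for the kernel's ERR_PTR helpers (constructed). */
#define MAX_ERRNO 4095
#define ERR_PTR(e) ((void *)(intptr_t)(e))
#define IS_ERR(p)  ((uintptr_t)(p) >= (uintptr_t)-MAX_ERRNO)

struct ns;
struct profile {                /* hypothetical, simplified layout */
    unsigned flags;
    struct ns *ns;              /* owning namespace */
    struct profile *replacedby; /* NULL, a live profile, or a marker */
};
struct ns { struct profile unconfined; };

/* Error-pointer convention: a removed profile carries an error pointer
 * in replacedby and the lookup hands NULL back to its caller. */
static struct profile *newest_errptr(struct profile *p)
{
    while (p->replacedby) {
        if (IS_ERR(p->replacedby))
            return NULL;
        p = p->replacedby;
    }
    return p;
}

/* Sentinel convention: removal points replacedby at the namespace's
 * always-present unconfined profile, so the walk never yields NULL. */
static struct profile *newest_sentinel(struct profile *p)
{
    while (p->replacedby)
        p = p->replacedby;
    return p;
}

/* Constructed scenario: one namespace, one removed profile. Returns the
 * flags a consumer reads, or -1 where unchecked code would hit NULL. */
static int flags_after_removal(int use_sentinel)
{
    static struct ns n;   /* zeroed: unconfined.replacedby == NULL */
    struct profile removed = { .flags = 8, .ns = &n };
    struct profile *cur;
    n.unconfined.flags = 1;
    n.unconfined.ns = &n;
    removed.replacedby = use_sentinel ? &n.unconfined : ERR_PTR(-2);
    cur = use_sentinel ? newest_sentinel(&removed) : newest_errptr(&removed);
    return cur ? (int)cur->flags : -1;
}
```

With the sentinel, the returned profile also keeps a valid `ns` pointer, which a NULL or error-pointer result cannot carry.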