[PATCH 5/5] UBUNTU: SAUCE: AppArmor: Fix oops when there is no tracer and doing unsafe transition.

Andy Whitcroft apw at canonical.com
Thu Nov 12 11:28:10 UTC 2009


On Tue, Nov 10, 2009 at 10:29:13AM -0800, John Johansen wrote:
> BugLink: http://bugs.launchpad.net/bugs/480112
> 
> SRU Justification:  This bug can cause a confined process to oops at address 0.
> This can occur when executing a process if the LSM_UNSAFE_PTRACE |
> LSM_UNSAFE_PTRACE_CAP flags are set.  The likelihood of if/how often this
> will occur depends on whether ptrace is being used.
> 
> As reported by Tetsuo Handa on kernel-team mailing list:
> 
> In aa_may_change_ptraced_domain, if (!tracer) cred == NULL, and
> put_cred(cred) will oops.  This will only happen on exec if the task
> is marked as LSM_UNSAFE_PTRACE | LSM_UNSAFE_PTRACE_CAP, so should
> only happen to ptraced tasks that are confined.
> 
> Fix this by returning directly from aa_may_change_ptrace_domain if
> there is no tracer.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> ---
>  ubuntu/apparmor/domain.c |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
> 
> diff --git a/ubuntu/apparmor/domain.c b/ubuntu/apparmor/domain.c
> index fe89ddc..12e45c6 100644
> --- a/ubuntu/apparmor/domain.c
> +++ b/ubuntu/apparmor/domain.c
> @@ -64,6 +64,10 @@ static int aa_may_change_ptraced_domain(struct task_struct *task,
>  		cred = aa_get_task_policy(tracer, &tracerp);
>  	rcu_read_unlock();
>  
> +	/* not ptraced */
> +	if (!tracer)
> +		return 0;
> +
>  	if (!tracerp)
>  		goto out;
>  
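Review bot: the new early `return 0` after `rcu_read_unlock()` bypasses the function's `out:` label, which the visible `if (!tracerp) goto out;` path still relies on for its cleanup; confirm that `out:` does nothing beyond the `put_cred(cred)` that oopses on NULL, since anything else released there would now be skipped in the not-ptraced case. If `out:` does more than drop `cred`, the smaller change is to keep the single exit path and guard the release, `if (cred) put_cred(cred);`, which also fixes the NULL dereference without adding a second return.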
> -- 
> 1.6.3.3

Hrm, now perhaps this is fixing the concern I raised in the previous
patch.  Perhaps it would be safer to simply make the put_cred()
incantation instead?

  if (cred)
    put_cred(cred);

-apw