[PATCH 09/14] UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count

John Johansen john.johansen at canonical.com
Wed Feb 1 09:13:05 UTC 2017


apparmor is leaking the pinfs refcount when inode setup fails.

BugLink: http://bugs.launchpad.net/bugs/1660846
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 include/linux/security.h       | 5 ++++-
 security/apparmor/apparmorfs.c | 4 +++-
 security/inode.c               | 5 +++++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 9306771..e21bf44 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1611,6 +1611,7 @@ static inline void security_audit_rule_free(void *lsmrule)
 
 #ifdef CONFIG_SECURITYFS
 extern int securityfs_pin_fs(void);
+extern void securityfs_release_fs(void);
 extern int __securityfs_setup_d_inode(struct inode *dir, struct dentry *dentry,
 				      umode_t mode, void *data,
 				      const struct file_operations *fops,
@@ -1630,7 +1631,9 @@ static inline int securityfs_pin_fs(void)
 {
 	return -ENODEV;
 }
-
+static inline void securityfs_release_fs(void)
+{
+}
 static inline int __securityfs_setup_d_inode(struct inode *dir,
 					struct dentry *dentry,
 					umode_t mode, void *data,
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index a12e8ab..64bd154 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1057,7 +1057,7 @@ static int ns_mkdir_op(struct inode *dir, struct dentry *dentry, umode_t mode)
 	error = __securityfs_setup_d_inode(dir, dentry, mode | S_IFDIR,  NULL,
 					   NULL, NULL);
 	if (error)
-		goto out;
+		goto out_pin;
 
 	ns = aa_create_ns(parent, ACCESS_ONCE(dentry->d_name.name), dentry);
 	if (IS_ERR(ns)) {
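Review bot: The `out_pin` label this `goto` targets (added in the next hunk, directly after `aa_put_ns(ns)`) is also reached by fall-through, so `securityfs_release_fs()` runs on the success path as well as on failure. The commit message describes a leak only when inode setup fails, and the pin itself is taken outside these hunks. If the new directory is meant to keep securityfs pinned while it exists, the unconditional release leaves the mount count one short of the references still in use. Guarding the call, `if (error) securityfs_release_fs();`, would keep the fix limited to the error paths. ns_mkdir_op starts and ends outside both hunks, so the matching `securityfs_pin_fs()` call and whatever releases the pin on directory removal should be checked against this.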
@@ -1066,6 +1066,8 @@ static int ns_mkdir_op(struct inode *dir, struct dentry *dentry, umode_t mode)
 	}
 
 	aa_put_ns(ns);		/* list ref remains */
+out_pin:
+	securityfs_release_fs();
 out:
 	aa_put_ns(parent);
 
diff --git a/security/inode.c b/security/inode.c
index 1cbc876..7b64f15 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -51,6 +51,11 @@ int securityfs_pin_fs(void)
 	return simple_pin_fs(&fs_type, &mount, &mount_count);
 }
 
+void securityfs_release_fs(void)
+{
+	simple_release_fs(&mount, &mount_count);
+}
+
 int __securityfs_setup_d_inode(struct inode *dir, struct dentry *dentry,
 			       umode_t mode, void *data,
 			       const struct file_operations *fops,
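Review bot: `securityfs_release_fs()` is added without a comment stating its pairing contract, although it drops a reference on the same `mount`/`mount_count` that `securityfs_pin_fs()` takes just above. A caller that releases without a successful pin, or releases twice, would unbalance that count, so I would add above the function: `/* Drop one reference taken by a successful securityfs_pin_fs(); calls must be balanced. */`. The declaration in include/linux/security.h could carry the same one-line note.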
-- 
2.9.3




