[PATCH 06/11] UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails

John Johansen john.johansen at canonical.com
Fri Mar 31 13:25:31 UTC 2017

Bind mounts can oops when devname lookup fails because the devname is
uninitialized and used in auditing the denial.

BugLink: http://bugs.launchpad.net/bugs/1660840
Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
Acked-by: Brad Figg <brad.figg at canonical.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
 security/apparmor/mount.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/security/apparmor/mount.c b/security/apparmor/mount.c
index 907d3f0..e780181 100644
--- a/security/apparmor/mount.c
+++ b/security/apparmor/mount.c
@@ -335,6 +335,7 @@ static int match_mnt_path_str(struct aa_profile *profile, const struct path *mnt
 		goto audit;
 	if (IS_ERR(devname)) {
 		error = PTR_ERR(devname);
+		devname = NULL;
 		info = devinfo;
 		goto audit;

More information about the kernel-team mailing list