[SRU][B/F][PATCH v2 0/1] Fix memory leak on profile removal

Georgia Garcia georgia.garcia at canonical.com
Mon Aug 16 13:22:24 UTC 2021


BugLink: https://bugs.launchpad.net/bugs/1939915

SRU Justification:

[Impact]
There's a memory leak on AppArmor when removing a profile. When the
proxy isn't replaced and the profile is removed, the proxy is leaked.

[Fix]

Upstream commit 3622ad25d4d fixes the leak by cleaning up the label
structure within the profile when the profile is getting freed. The
proxy is freed correctly when cleaning up the label.

The backport for Bionic required the removal of duplicated code.
The cherry-pick for Focal did not require changes - it applied cleanly.

[Test Plan]

/sys/kernel/debug/kmemleak should not return a memleak when removing
a profile.

root at ubuntu:~# echo "profile foo {}" > profile
root at ubuntu:~# apparmor_parser profile
root at ubuntu:~# echo scan > /sys/kernel/debug/kmemleak
root at ubuntu:~# cat /sys/kernel/debug/kmemleak

[Where problems could occur]
Low probability of any problem. There's no longer a leak.


John Johansen (1):
  apparmor: Fix memory leak of profile proxy

 security/apparmor/include/label.h |  1 +
 security/apparmor/label.c         | 13 +++++++------
 security/apparmor/policy.c        |  1 +
 3 files changed, 9 insertions(+), 6 deletions(-)

-- 
2.25.1




More information about the kernel-team mailing list