ACK: [SRU][B/F][PATCH v4 0/2] Fix memory leak on profile removal
Tim Gardner
tim.gardner at canonical.com
Mon Aug 23 11:22:17 UTC 2021
Acked-by: Tim Gardner <tim.gardner at canonical.com>
On 8/19/21 7:28 AM, Georgia Garcia wrote:
> BugLink: https://bugs.launchpad.net/bugs/1939915
>
> SRU Justification:
>
> [Impact]
>
> There's a memory leak on AppArmor when removing a profile. When the
> proxy isn't replaced and the profile is removed, the proxy is leaked.
>
> [Fix]
>
> Upstream commit 3622ad25d4d fixes the leak by cleaning up the label
> structure within the profile when the profile is getting freed. The
> proxy is freed correctly when cleaning up the label.
> Bionic also requires the cherry-pick of c84b80cd41e0 to clean up
> duplicated code that affects the memory leak.
>
> [Test Plan]
>
> /sys/kernel/debug/kmemleak should not return a memleak when removing
> a profile.
>
> root at ubuntu:~# echo "profile foo {}" > profile
> root at ubuntu:~# apparmor_parser profile
> root at ubuntu:~# apparmor_parser -R profile
> root at ubuntu:~# echo scan > /sys/kernel/debug/kmemleak
> root at ubuntu:~# cat /sys/kernel/debug/kmemleak
>
> [Where problems could occur]
> Low probability of any problem. There's no longer a leak.
>
>
> John Johansen (1):
> apparmor: Fix memory leak of profile proxy
>
> Mateusz Nosek (1):
> security/apparmor/label.c: Clean code by removing redundant
> instructions
>
> security/apparmor/include/label.h | 1 +
> security/apparmor/label.c | 19 +++++++------------
> security/apparmor/policy.c | 1 +
> 3 files changed, 9 insertions(+), 12 deletions(-)
>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list