Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 999b4f0a authored by John Johansen's avatar John Johansen Committed by James Morris
Browse files

AppArmor: Fix locking from removal of profile namespace 



The locking for profile namespace removal is wrong, when removing a
profile namespace, it needs to be removed from its parent's list.
Lock the parent of namespace list instead of the namespace being removed.

Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 04ccd53f

security/apparmor/policy.c

+4 −2
Original line number Diff line number Diff line
@@ -1151,12 +1151,14 @@ ssize_t aa_remove_profiles(char *fqname, size_t size) 
		/* released below */

		ns = aa_get_namespace(root);



	write_lock(&ns->lock);

	if (!name) {

		/* remove namespace - can only happen if fqname[0] == ':' */

		write_lock(&ns->parent->lock);

		__remove_namespace(ns);

		write_unlock(&ns->parent->lock);

	} else {

		/* remove profile */

		write_lock(&ns->lock);

		profile = aa_get_profile(__lookup_profile(&ns->base, name));

		if (!profile) {

			error = -ENOENT;
@@ -1165,8 +1167,8 @@ ssize_t aa_remove_profiles(char *fqname, size_t size) 
		}

		name = profile->base.hname;

		__remove_profile(profile);

	}

		write_unlock(&ns->lock);

	}



	/* don't fail removal if audit fails */

	(void) audit_policy(OP_PROF_RM, GFP_KERNEL, name, info, error);