diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-13 19:07:36 +0100 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-13 19:07:36 +0100 |
commit | 8636b1dbce854363cd98922b3e4b49a603c4d5fd (patch) | |
tree | 5e5ea62866a58d613842a488db56e792b6fad33b /security/apparmor | |
parent | Merge tag 'kconfig-v5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/mas... (diff) | |
parent | apparmor: fix double free when unpack of secmark rules fails (diff) | |
download | linux-8636b1dbce854363cd98922b3e4b49a603c4d5fd.tar.xz linux-8636b1dbce854363cd98922b3e4b49a603c4d5fd.zip |
Merge tag 'apparmor-pr-2019-03-12' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
Pull apparmor fixes from John Johansen:
- fix double when failing to unpack secmark rules in policy
- fix leak of dentry when profile is removed
* tag 'apparmor-pr-2019-03-12' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
apparmor: fix double free when unpack of secmark rules fails
apparmor: delete the dentry in aafs_remove() to avoid a leak
apparmor: Fix warning about unused function apparmor_ipv6_postroute
Diffstat (limited to 'security/apparmor')
-rw-r--r-- | security/apparmor/apparmorfs.c | 1 | ||||
-rw-r--r-- | security/apparmor/policy_unpack.c | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 3f80a684c232..fefee040bf79 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -356,6 +356,7 @@ static void aafs_remove(struct dentry *dentry) simple_rmdir(dir, dentry); else simple_unlink(dir, dentry); + d_delete(dentry); dput(dentry); } inode_unlock(dir); diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 379682e2a8d5..f6c2bcb2ab14 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -579,6 +579,7 @@ fail: kfree(profile->secmark[i].label); kfree(profile->secmark); profile->secmark_count = 0; + profile->secmark = NULL; } e->pos = pos; |