diff options
Diffstat (limited to 'security/apparmor/lsm.c')
| -rw-r--r-- | security/apparmor/lsm.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 3c6fa9753675..7ba43c18687a 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -417,6 +417,10 @@ static int common_file_perm(const char *op, struct file *file, u32 mask) struct aa_profile *profile, *fprofile; int error = 0; + /* don't reaudit files closed during inheritance */ + if (file->f_path.dentry == aa_null.dentry) + return -EACCES; + fprofile = aa_cred_raw_profile(file->f_cred); AA_BUG(!fprofile); @@ -600,6 +604,8 @@ static void apparmor_bprm_committing_creds(struct linux_binprm *bprm) (unconfined(new_ctx->profile))) return; + aa_inherit_files(bprm->cred, current->files); + current->pdeath_signal = 0; /* reset soft limits and set hard limits for the new profile */ |